Skill v0.1.1
ClawScan security
X News Crawler · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 5, 2026, 7:45 AM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill largely does what it says (scrape X via agent-browser), but there are several incoherences and privacy risks (most notably instructions that require using your regular Chrome profile, exposing session cookies, and global pnpm approval) without those risks being documented in the registry metadata.
- Guidance: Before installing or running this skill:
  1) Understand that the instructions ask you to run Chrome with remote debugging on your regular profile; this can expose your logged-in sessions/cookies to the crawler. Prefer running Chrome with an isolated/test profile unless you explicitly need access to your account.
  2) The SKILL.md asks you to run 'pnpm approve-builds -g' and install a global package; review the 'agent-browser-stealth' package source and trustworthiness before approving or installing globally.
  3) Note the manifest metadata omits required binaries (scripts require 'abs', 'jq', 'python3'); confirm you trust and control the 'abs' binary being invoked.
  4) If you must proceed, run the tool in a controlled environment (throwaway VM/container or isolated browser profile), audit network activity, and avoid exposing sensitive accounts.
  5) If you want to be extra safe, ask the author for a signed/verified release of the agent-browser wrapper and for a justification why a regular profile is required and why global pnpm approval is necessary.
Review Dimensions
- Purpose & Capability (concern): The skill's stated purpose (crawl X search results) matches the included scripts that wrap 'abs' and produce JSON. However the registry metadata claims no required binaries/env vars, while scripts explicitly require 'abs', 'jq', and 'python3' (inconsistency). The SKILL.md also instructs global pnpm installs and global 'approve-builds', which is broader than what the metadata declares and is disproportionate to a simple scraper.
- Instruction Scope (concern): Runtime instructions require launching Chrome with --remote-debugging-port using the user's regular profile and explicitly say 'Do not use --user-data-dir'. That directs the crawler to reuse your normal browser profile (cookies, logged-in sessions). This materially expands the scope beyond public page scraping and has privacy/security implications that are not called out in metadata or guarded in the docs.
- Install Mechanism (concern): There is no formal install spec in registry metadata, but SKILL.md instructs 'pnpm add -g agent-browser-stealth' and 'pnpm approve-builds -g'. Global package installs and approving builds globally are higher-risk actions because they affect the system and relax package protections. The SKILL.md install actions are not tied to a verified release URL or fingerprint in the manifest.
- Credentials (concern): The skill declares no required environment variables, but uses and suggests AGENT_BROWSER_DEFAULT_TIMEOUT and an optional X_NEWS_FORCE_FAIL_SOURCE test variable. More importantly, the instruction to use a regular Chrome profile implicitly requires access to browser session cookies and authenticated sessions; this is a sensitive form of credential/access that is not declared or justified in the registry metadata.
- Persistence & Privilege (note): The skill does not request 'always: true' and does not appear to modify other skills or system-wide agent settings. The primary risk is temporary access to a running Chrome CDP endpoint tied to the regular profile, not persistent elevated privileges. The global pnpm approval/install are system-wide actions, however, and deserve caution.
