openclaw-ultra-scraping
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is openly designed to evade website anti-bot and CAPTCHA protections and run powerful crawlers, so it is unsafe outside explicitly authorized testing.
Do not install this skill for ordinary browsing or scraping. It is designed to bypass website defenses; if you have explicit authorization to test your own site, run it only inside an isolated VM/container, pin and review dependencies, and use strict domain and rate limits.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could use this to access sites that deliberately block bots, creating risks of abuse, terms-of-service or legal violations, IP blocking, and harm to the target site.
The advertised core behavior is circumventing anti-bot and CAPTCHA protections, not merely fetching user-authorized pages.
Powerful web scraping, crawling, and data extraction with stealth anti-bot bypass (Cloudflare Turnstile, CAPTCHAs)... need to bypass Cloudflare or other bot protection.
Do not install for general use. Remove CAPTCHA/Cloudflare bypass features or restrict use to explicitly authorized testing with clear rate limits and site permissions.
A crawl starting from one page can fan out to unrelated sites and generate automated traffic beyond what the user intended.
The crawler can follow absolute HTTP links concurrently without a shown same-domain allowlist or containment policy.
concurrent_requests = concurrency ... for link in response.css('a::attr(href)').getall()[:20]: if link.startswith('http'): yield Response.follow(link)
Add default same-origin restrictions, explicit allowlists, robots/rate-limit handling, and a preview of crawl scope before running.
Installing may change the host system and execute third-party installation code, increasing supply-chain and rollback risk.
The setup pulls system packages, an unpinned PyPI dependency with all extras, and browser assets through third-party installers.
apt-get update -qq ... "$VENV/bin/pip" install --quiet "scrapling[all]" ... "$VENV/bin/scrapling" install
Use a disposable VM or container, pin dependency versions and hashes, avoid host-root installs, and make install requirements explicit in registry metadata.
A setup failure or compromised dependency could affect the local machine beyond this skill’s directory.
Root installation is disclosed and related to browser dependencies, but it grants broad local system authority during setup.
The setup script requires root privileges. All installations are confined to /opt/scrapling-venv and standard system library paths.
Run only in an isolated container or VM and avoid granting root privileges on a primary workstation.
Crawl state or session state may persist longer than a single task, especially if the user or agent enables these features.
The skill documents stateful sessions and resumable crawling, which can preserve scraping state across runs if used.
Sessions: FetcherSession, StealthySession, DynamicSession for cookie/state persistence ... Spider framework: Scrapy-like concurrent crawling with pause/resume
Clear generated crawl/session data after use and avoid storing authenticated sessions unless explicitly needed and authorized.
