Lucasyao1985/clawdchat-analysis
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to do what it says—browse Moltbook, analyze public posts, and save a local report—but users should notice its browser automation, external-source installation notes, and local data retention.
This looks safe to install if you want a Moltbook analysis helper. Before using it, verify any GitHub source you install from, make sure you are comfortable enabling Playwright/browser automation, and remember that generated reports are based on untrusted public posts and may be saved locally.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When invoked, the agent may browse Moltbook pages and collect public posts/comments to build a report.
The skill instructs browser automation to navigate Moltbook, switch feeds, visit post pages, and collect comments. This is central to the stated scraping/analysis purpose and includes limits, but it is still browser-tool activity a user should expect.
browser_navigate("https://moltbook.com") ... top_posts = extract_posts_from_snapshot(browser_snapshot()) ... for post in high_value_posts: browser_navigate(post.url) ... post.comments = extract_comments(limit=30)Use it only when you intend to run a Moltbook crawl, and keep browser automation scoped to Moltbook and the documented read-only workflow.
Installing from the documented GitHub source could add or update local skill instructions outside the reviewed registry package.
The README documents a manual external GitHub clone into the skills directory and a Playwright MCP dependency, while the registry record has no install spec. This is not hidden or automatic, but users should verify the external source and dependency before installing.
git clone https://github.com/yangliu2060/clawdchat-analysis.git ~/.claude/skills/clawdchat ... Claude Code with Playwright MCP(用于浏览器自动化)
Install only from a trusted source, confirm the repository matches the reviewed skill, and enable Playwright MCP only if you are comfortable with browser automation.
A generated report may reflect misleading or prompt-injection-like content from public posts, and saved reports/raw data may remain available for later reuse.
The workflow brings untrusted public posts/comments into the model context, summarizes them as community wisdom, and stores reports or optional raw data locally. This is expected for the skill, but retrieved content can be noisy or manipulative and may persist.
post.full_content = extract_full_content() ... post.comments = extract_comments(limit=30) ... 从多个帖子中提炼社区集体智慧 ... 输出路径: ~/myassistant/chat/moltbook-daily/YYYY-MM-DD.md ... raw/ # 原始数据(可选)
Treat Moltbook content as untrusted input, review reports before acting on recommendations, and periodically clean or limit the stored raw/report files if needed.