Skill v0.1.5

ClawScan security

Scrape Emails By URL · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 20, 2026, 5:37 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally coherent: it implements a local web crawler that extracts emails using crawl4ai and Playwright, requests no credentials, and its code and instructions align with its stated purpose.
Guidance
This skill appears to do what it says: local crawling (via crawl4ai + Playwright) and email extraction, with no hidden exfiltration or credential access. Before installing or running it:
1) Review and vet the crawl4ai package source (pip packages can pull remote code).
2) Run installs (pip install / playwright install) in an isolated environment (virtualenv/container) because Playwright will download browser binaries.
3) Make sure you have permission to crawl target sites and that scraping emails complies with applicable laws and site terms; avoid scanning internal/private network hosts.
4) If you plan to let an agent invoke this autonomously, be aware the skill may run shell commands and write files — ensure that automated runs are limited to allowed targets and environments.
5) If you need stronger assurance, inspect the crawl4ai runtime behavior (network egress, telemetry) and run the script on a small test target first.

Review Dimensions

Purpose & Capability
ok: Name/description match the code and instructions: the Python script uses crawl4ai to deep-crawl pages matching contact-related URL patterns and extract emails, and the SKILL.md documents the same behavior. There are no unrelated environment variables, credentials, or binary requirements.
Instruction Scope
ok: Runtime instructions are narrowly scoped to installing crawl4ai and Playwright, running the provided script, and optionally editing url_patterns.json. The script reads only the pattern file, input files passed with --from-file, and crawled pages; it prints or writes results locally. It does not access unrelated system files, credentials, or external endpoints other than the sites it crawls.
Install Mechanism
note: There is no formal install spec in the registry (instruction-only), but SKILL.md instructs users to run pip install crawl4ai and playwright install. That means third-party packages and browser binaries will be downloaded at install/runtime — standard for this task but something to be aware of (verify crawl4ai source and trustworthiness).
Credentials
ok: The skill requests no environment variables or credentials. The script does not read secrets or config outside its directory (only url_patterns.json and any user-specified input files). This is proportionate to the stated email-scraping purpose.
Persistence & Privilege
ok: The skill does not request always:true and does not alter other skills or global agent settings. It is user-invocable and can be run on demand. Note: the SKILL.md allows Shell/Read/Write which means the agent (when executing the skill) may run shell commands such as pip install — normal but worth reviewing before execution.