Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Deep Content Search

v1.2.0

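Deep content search tool: integrates content scraping across multiple platforms, including WeChat Official Accounts, Zhihu, Douban, Toutiao, Baijiahao, Weibo, and Bilibili columns. Supports retrieving the full text of WeChat Official Account articles, the full text of Zhihu Daily articles, and Douban movie information. Supports directly parsing WeChat links to retrieve the full text. Returns 3 results per platform by default; the number of results can be specified. Use this skill when the user needs a deep search, wants to retrieve article content, or wants to parse a WeChat link.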

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (deep content search across many Chinese platforms) matches the behavior (the code performs web scraping of WeChat and Zhihu). However: the skill claims integration with many platforms (WeChat, Zhihu, Douban, Toutiao, Baijiahao, Weibo, Bilibili) but the visible code mainly shows WechatFetcher and ZhihuFetcher; that discrepancy suggests either incomplete implementation or overstated capabilities. No homepage/source repo is provided and owner is unknown, reducing provenance.
Instruction Scope
SKILL.md instructions are narrowly scoped to performing web requests, parsing HTML, and saving/printing results. It does not instruct the agent to read unrelated local files or environment secrets. The built-in retry logic and scraping strategies are explicit; the only scope concern is that retry/backoff behavior could increase request volume to third-party sites if misused.
Install Mechanism
This is instruction-only with a Python script; dependencies are installed via pip (requests, beautifulsoup4, lxml, fake-useragent). Using PyPI packages is expected for a scraper but carries the usual moderate risk of supply-chain issues — there are no downloads from unknown servers or embedded binary installers.
Credentials
No environment variables or credentials are requested. For public scraping this is proportionate. There are no obvious attempts to read other credentials or config paths in the SKILL.md or the visible code.
Persistence & Privilege
Skill is not always-enabled and does not request elevated system persistence. It runs on-demand and does not modify other skills or system-wide settings in the provided material.
What to consider before installing
This skill is a web scraper that will make outbound requests to third-party sites (WeChat, Zhihu, etc.). Before installing:
1) Review the full deep_search.py for any hardcoded telemetry or unexpected endpoints (the repository/source is missing).
2) Note the README claims many platform integrations — verify the code actually implements those platforms.
3) Consider legal and terms-of-service issues for scraping copyrighted content and respect robots.txt/rate limits; the tool includes retries which can increase load on target sites.
4) Run the code in a sandboxed environment and avoid providing credentials (none are required).
If you need broader trust, ask the author for a source repo or signed provenance and confirm which platforms are fully implemented.

Like a lobster shell, security has layers — review code before you run it.



Runtime requirements

🔍 Clawdis
Bins: python3
