Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
playwright-controller
v1.0.0
Browse webpages using Playwright with automatic loading wait, screenshots, and text extraction. Use playwright:fetch or playwright:screenshot commands. API:...
⭐ 0 · 373 · 1 current · 1 all-time
by 陈宽同学 @mrchenkuan
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the included code: the JavaScript implements page loading, screenshots and text extraction via Playwright. The package.json dependency on Playwright is consistent with the stated purpose.
Instruction Scope
playwright-cmd.js requires an absolute path (/Users/chenkuan/.openclaw/.../playwright-crawler-v3.js) instead of the local module — this attempts to load code from the developer's home directory on the host if present, which is unexpected and potentially accesses files outside the skill bundle. The SKILL.md/README also contain contradictory statements about resource interception and headless defaults vs. what the code actually does (the crawler hardcodes headful launches regardless of option), indicating sloppy or inconsistent runtime instructions.
Install Mechanism
There is no install spec (instruction-only), but the bundle includes package.json with a Playwright dependency. That means Playwright/Chromium are required but not guaranteed to be installed by the platform — this is a usability concern (and large dependency) rather than direct maliciousness. The absolute require path is more concerning for runtime behavior than the lack of install steps.
Credentials
The skill requests no environment variables or credentials. It only reads/writes local files (screenshot/text output) which is appropriate for its stated purpose. No secret-exfiltration patterns or external API keys are requested.
Persistence & Privilege
Flags show no always:true; the skill does not request elevated agent privileges. It writes files to user-configurable directories (./screenshots or custom dir) — expected for a scraper tool, but be aware it creates files on disk.
What to consider before installing
Do not install blindly. The core functionality matches its description, but there are red flags you should address first:
(1) playwright-cmd.js contains a hard-coded absolute require to the developer's local path — this is unexpected and could cause the skill to try to load files from the host filesystem if that path exists; it should require the bundled module with a relative path (e.g. './playwright-crawler-v3.js').
(2) The SKILL.md/README and code disagree about headless defaults and resource interception — ask the author to clarify and fix so behaviour is predictable.
(3) Playwright/Chromium are heavy dependencies and will download browsers; ensure you run this in a sandboxed environment and that you trust the code.
Recommended actions before using: review/patch the require path, run the code in an isolated VM or container, verify package.json dependency installation is intentional, and confirm the author updates the docs to match the actual code.
If the developer cannot or will not fix the absolute path and documentation inconsistencies, treat the skill as unsafe to run in a non-sandboxed environment.
Like a lobster shell, security has layers — review code before you run it.
latest vk97b2ja1zv6va5my03x9waj3nh820y66
