Agent Reach
WarnAudited by ClawScan on May 10, 2026.
Overview
This internet-research skill is broadly useful, but it asks the agent to use account cookies, anti-bot tooling, remote setup instructions, and social posting commands without clear safety boundaries.
Install only if you are comfortable with the agent using external web tools and possibly account cookies. Treat it as potentially write-capable on social platforms: require explicit confirmation before any posting or interaction, avoid giving it your main browser cookies, and review any remote installation steps before they run.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could gain access to logged-in social/media accounts through browser or imported cookies, which may expose private data or allow account actions.
The skill instructs use of browser/session cookies and imported platform cookies, but the registry declares no credentials and the artifact does not bound which accounts, cookie scopes, storage, or outputs are involved.
Use `--cookies-from-browser chrome` or configure proxy. ... Requires login. Use Cookie-Editor to import cookies.
Do not provide personal browser cookies unless strictly necessary; use a separate low-privilege account, require explicit per-action approval, and ensure the skill declares and documents credential handling.
A mistaken or over-eager agent action could publish or interact from the user's account, causing public, reputational, or account-safety consequences.
The skill exposes public account-mutation behavior, including publishing content, but does not require a preview, final user confirmation, rate limits, or rollback guidance.
Use when: ... user asks to post, comment, or interact on supported platforms ... mcporter call 'xiaohongshu.publish_content(title: "标题", content: "正文", images: ["/path/img.jpg"], tags: ["tag"])'
Require an explicit user confirmation step before any post, comment, like, follow, or other account-changing action, and clearly separate read-only from write-capable workflows.
This could violate platform rules, trigger account or IP restrictions, or make the agent operate in a way the user did not expect.
The skill explicitly advertises anti-bot bypass tooling as the required reading path for WeChat articles, which is more invasive than ordinary web reading and may evade platform controls.
**Read** (Camoufox — bypasses WeChat anti-bot): ... Must use Camoufox.
Avoid anti-bot bypass workflows unless the user explicitly accepts the risk; document what browser profile/session data is used and provide a compliant fallback when possible.
The agent may install or run unreviewed third-party setup steps, making it harder for the user to understand what code or dependencies are being added.
This instruction-only skill has no reviewed install spec, yet tells the agent to fetch and follow a remote setup guide while handling cookies and tools outside the provided artifacts.
If a channel needs setup ... fetch the install guide: https://raw.githubusercontent.com/Panniantong/agent-reach/main/docs/install.md ... User only provides cookies. Everything else is your job.
Provide a reviewed, pinned install specification and avoid having the agent execute remote setup instructions automatically; ask the user to review any installation commands first.