Openclaw Web Browser
v1.0.0웹사이트 브라우징, 정보 수집, 데이터 추출, 모니터링을 위한 종합 브라우징 스킬. 정적/동적 웹페이지에서 데이터를 수집하고 JSON으로 구조화하며, 변경사항 모니터링과 정기 수집을 지원한다. 항공(ICAO, FAA 등) 기관 수집에 특화된 프리셋도 포함.
⭐ 0· 40·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (web browsing, extraction, monitoring) align with requested binaries (python3, curl), included Python scripts, and sub-skill for document recommendation. The code and presets (aviation) match the declared purpose.
Instruction Scope
Most runtime instructions are scoped to fetching and structuring web content. However: (1) SKILL.md suggests using a browser session to handle robots.txt blocks or bot detection (Layer 3), which can be interpreted as circumventing access controls; (2) monitor.py does not perform robots.txt checks (fetcher.fetch_url does), creating an inconsistency where monitoring could scrape pages even if robots disallow; (3) the skill instructs using JSON upload/aggregation which could leak sensitive scraped content if users upload unfiltered data to other services. These are functional/scope concerns rather than proof of malicious intent.
Install Mechanism
No install spec is provided (instruction-only), which lowers supply-chain risk. But the README/SKILL.md expects Python dependencies (requests, beautifulsoup4) without declaring them in metadata; users must install them manually. All bundled code runs locally and makes outbound HTTP requests — review before running.
Credentials
The skill requires no environment variables, no credentials, and no config paths. That is proportionate to a web scraping/monitoring tool. Sub-skill behavior (doc recommender) also does not request credentials in the provided files.
Persistence & Privilege
The skill does not demand 'always: true' or other elevated privileges, and it stores its own data under a local monitor-data directory. It does not modify other skills or system-wide agent settings from the provided files.
Assessment
This package is internally consistent with a web-scraping and monitoring toolkit, but review these points before installing or running: 1) Dependencies: ensure you run in a controlled Python environment (virtualenv) and install requests and beautifulsoup4 as the code expects. 2) robots.txt & site policy: fetcher.py checks robots.txt, but monitor.py does not; SKILL.md encourages using a browser session when bot-detection or robots.txt blocks exist — that behavior could be interpreted as attempting to bypass site rules. Decide whether you want monitoring to respect robots.txt and adjust the code. 3) Data handling: the monitor stores snapshots and diffs locally (monitor-data/) and the doc-recommender supports uploading/reading collection JSONs — sanitize any sensitive content before sharing with other services or models. 4) Rate and legality: the tool can be run on schedules (cron examples are included); tune rate limits and check target sites' terms-of-service and legal restrictions (esp. automated scraping of search engines). 5) Run first in a sandbox: because the package executes network requests and writes files, run it in a sandbox/container or VM until you’ve inspected/modified behavior you don’t want (robots handling, cron entries, where data is stored). If you want, I can: (a) point out exact lines in monitor.py to add robots.txt checks; (b) produce a minimal requirements.txt and a safe-run checklist; or (c) scan the remaining truncated code for other issues if you provide it.Like a lobster shell, security has layers — review code before you run it.
latestvk97c36ebgtkwwvjg90e5v3abyn84btcy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🌐 Clawdis
Binspython3, curl