Facebook Group Monitor
v1.3.0Monitor Facebook groups for new posts using Playwright browser automation with stealth mode and persistent login session. Scrapes group feed, tracks seen pos...
⭐ 1· 344·1 current·1 all-time
by@phuc-nt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, SKILL.md, setup guide, and included scripts all describe a Playwright-based Facebook group scraper that uses a persistent browser session and stitched screenshots. The files and requested behaviors are consistent with that purpose; no unrelated credentials, services, or binaries are requested.
Instruction Scope
Runtime instructions require storing a persistent Playwright user-data directory (cookies/session) under scripts/.browser-data, saving screenshots into a workspace path so the agent's image tool can read them, and writing a seen-posts file. Those actions are expected for this skill but expose Facebook session cookies and scraped images on disk — the README correctly instructs first-time interactive login from a terminal rather than from the agent.
Install Mechanism
No install spec is embedded in the registry (instruction-only), but SETUP.md instructs installing well-known packages (playwright, playwright-stealth) and running 'playwright install chromium'. Playwright downloads Chromium from its standard release sources — no arbitrary external binaries or obscure URLs are referenced.
Credentials
The skill does not declare or require external API keys or secrets. It optionally reads FBMON_VENV to locate a virtualenv (a normal convenience). The persistent browser session effectively holds Facebook authentication cookies — sensitive but proportional and necessary for the stated functionality.
Persistence & Privilege
always is false and the skill does not change other skills' configuration. However, with a saved session in scripts/.browser-data, the agent (when invoked autonomously or via cron) can scrape Facebook groups without further manual interaction; users should be aware that saved session cookies grant ongoing access until the session expires or is cleared.
Assessment
This skill appears to do exactly what it says: it automates a Chromium browser (Playwright) to log into Facebook (manual interactive login once), persist the browser session to scripts/.browser-data, scrape group posts, and save stitched screenshots in a workspace folder for vision-analysis. Before installing: 1) understand that the saved session directory contains Facebook auth cookies — treat it as sensitive and store it in a location you control or remove it when not needed; 2) perform the one-time login interactively on a trusted machine (do not give credentials to the agent); 3) consider using a dedicated Facebook account for scraping to limit exposure; 4) the skill will write screenshots and a .seen-posts.json file in its scripts folder (or in the workspace you point via --shots-dir) — review those files if you are concerned about local data retention; 5) installing dependencies will fetch Playwright and Chromium via their normal channels (pip/playwright install); review and run those commands yourself in a virtualenv rather than letting an agent run them. If you want stronger isolation, run this skill inside a constrained environment or VM and inspect scripts/fb-group-monitor.py yourself before use.Like a lobster shell, security has layers — review code before you run it.
latestvk971bvsh8652c4xngzqcr6xvs982rcx2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.