LINE Chat for Official Account
PassAudited by ClawScan on May 10, 2026.
Overview
This is a coherent LINE Official Account browser-automation skill, but it can use a logged-in business account to read customer chats and perform account actions, so it should be supervised.
This skill appears purpose-aligned and not malicious from the provided artifacts. Before installing, be comfortable giving OpenClaw browser access to your LINE Official Account, supervise any replies or tag/note changes, and stop the browser service or log out when you no longer want the session available.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the OpenClaw browser profile is logged in, the agent can access and act within the selected LINE Official Account, including customer communications.
The skill relies on a logged-in LINE Official Account session and can perform business-account chat actions. This is disclosed and central to the skill, but it is meaningful delegated authority.
The setup wizard will: ... Open https://chat.line.biz/ in your browser ... Guide you to log in and select your official account ... Features: Reply to customer messages; Manage tags and notes for each chat
Install only for LINE accounts you want the agent to operate, supervise replies and account changes, and log out or remove the profile/session if you no longer want access retained.
Customer messages may enter the agent context and could include sensitive information or adversarial instructions from external senders.
Customer message content is extracted from LINE and returned to the agent for processing. This is necessary for the skill, but the data may be private and customer-provided text should not be treated as trusted instructions.
This script reads ALL visible messages in the messages panel, up to a maximum of 50 recent messages. ... result.push({ time, text: text.substring(0, 200), isCustomer, hasImage })Use the skill only where customer-chat processing is intended, avoid unnecessary retention or sharing of outputs, and treat customer-supplied text as untrusted content.
Running setup will execute a local Node script that invokes the operating system browser opener.
The setup helper uses shell execution to open the LINE OA URL in the user's browser. The URL is a constant LINE URL and this is part of documented setup, so it appears proportionate.
const { exec } = require('child_process'); ... exec(`${cmd} "${url}"`, (err) => {Run setup only from the installed skill directory you intended to use, and review local helper scripts before running them if you are unsure of provenance.
The agent can interact with the LINE web interface through the browser profile and may perform state-changing actions when asked.
The skill instructs the agent to run local JavaScript snippets in the LINE web page to click login controls and inspect chat DOM state. This is expected browser automation, but it gives the agent direct UI-control capability.
Execute the script directly: browser action:"act" profile:"openclaw" targetId:"<targetId>" request:{"kind":"evaluate","fn":"<script_content>"}For replies, tag changes, or other account mutations, ask the agent to draft first and confirm before sending or changing account data.
A LINE-authenticated browser profile may remain available for later agent actions until the session expires, the browser service is stopped, or the user logs out.
The skill explicitly keeps the browser service alive after cleanup. This is disclosed convenience behavior rather than hidden persistence, but it can preserve an authenticated environment.
The blank tab keeps the browser service running for faster next use.
Stop the browser service or log out of LINE OA when you do not want the agent to retain easy access.