Back to skill
Skillv0.1.0
ClawScan security
pingagi-web · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 1:01 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This skill is internally consistent: it instructs the agent to call a local browser service at 127.0.0.1:3088 to fetch page text/HTML and requires no extra credentials or installs.
- Guidance
- This skill expects a trusted local browser service listening at http://127.0.0.1:3088; if you don't run such a service the skill won't work. Before enabling: (1) confirm you actually run and trust a local service on port 3088, (2) verify that service enforces URL restrictions and doesn't allow arbitrary internal-network requests (to avoid SSRF/internal data exposure), and (3) be cautious about allowing autonomous agent invocation — the agent could be instructed to make requests to internal endpoints through the local service. If you can't verify the local service's behavior, don't enable or use this skill.
Review Dimensions
- Purpose & Capability
- okThe name/description (browse and extract webpage content) match the runtime instructions (POST to a local browser service and extract the 'text' field). No unrelated binaries, env vars, or installs are requested.
- Instruction Scope
- noteInstructions are narrowly scoped to POSTing a target URL to http://127.0.0.1:3088/browse and extracting the returned text/title/partial HTML. Note: because the skill allows arbitrary target URLs, an agent could be directed to fetch internal/private URLs via the local service (SSRF/internal network access risk) if the local service permits it — this is an operational risk rather than an incoherence with the skill's stated purpose.
- Install Mechanism
- okNo install spec or code is present (instruction-only), so nothing is written to disk or fetched during install.
- Credentials
- okThe skill declares no environment variables, credentials, or config paths — consistent with its described use of a local HTTP service.
- Persistence & Privilege
- okalways:false and default autonomy settings are present. The skill does not request permanent presence or elevated privileges beyond normal agent invocation.