olostep

Security checks across malware telemetry and agentic risk

Overview

Olostep is a coherent web-scraping integration, but it relies on an unpinned external MCP package and advertises large-scale anti-bot/CAPTCHA-bypassing scraping, so it needs careful review before use.

Install only if you intentionally want Olostep-powered web scraping. Pin and review the MCP package if possible, use a revocable Olostep API key, require confirmation before large crawls/batches or codebase changes, and avoid scraping sites or internal content without clear authorization.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
High
What this means

The agent could perform large-scale scraping that bypasses target-site controls and may violate site terms or applicable rules.

Why it was flagged

This exposes high-volume scraping with explicit anti-bot/CAPTCHA-adjacent bypass and residential proxy use, which can exceed ordinary user-directed research and create legal, reputational, or abuse risk.

Skill content

Scrape up to 10,000 URLs in parallel. All pages are scraped concurrently with full browser rendering, anti-bot bypass, and residential proxies — no rate limiting, no blocking, no setup.

Recommendation

Use only on sites you are authorized to access; require explicit confirmation for large batches/crawls; set conservative page and rate limits; avoid anti-bot bypass for targets where permission is unclear.

ASI04: Agentic Supply Chain Vulnerabilities
High
What this means

If the npm package or resolution path is compromised, the agent could run unreviewed code locally with access to the Olostep API key.

Why it was flagged

The runtime MCP server is fetched/executed by package name without a version pin and receives the Olostep API key; the reviewed bundle does not include that server's source.

Skill content

"command": "npx", "args": ["-y", "olostep-mcp"], "env": { "OLOSTEP_API_KEY": "${OLOSTEP_API_KEY}" }

Recommendation

Pin the MCP package version, review the `olostep-mcp` package source/provenance, run it in a constrained environment, and avoid exposing unrelated secrets to the MCP server.

ASI02: Tool Misuse and Exploitation
Medium
What this means

The agent may change project files, dependencies, and configuration in ways the user has not reviewed in advance.

Why it was flagged

The skill directs the agent to install dependencies and mutate the user's project with limited prompting, which is a high-impact local change even though it matches the integration purpose.

Skill content

Automatically integrate the Olostep SDK into the user's codebase... installs the SDK, writes all the code, and verifies it works — with minimal prompting.

Recommendation

Ask the agent to show a plan and diff first, require approval before running install commands or writing files, and review all generated code before committing or deploying.

ASI03: Identity and Privilege Abuse
Low
What this means

The API key could be exposed in chat history, local files, or commits if handled carelessly.

Why it was flagged

The skill handles a provider API key and persists it to the project environment; this is expected for Olostep but should be treated as sensitive credential handling.

Skill content

If the user passed an API key via `$ARGUMENTS`, use it... Store the key in the project's `.env` file as `OLOSTEP_API_KEY=<key>`.

Recommendation

Prefer a secure environment variable or secret manager, ensure `.env` is ignored by version control, and use a revocable Olostep-specific key.

ASI07: Insecure Inter-Agent Communication
Low
What this means

URLs, queries, and task details submitted to the skill may be processed by the external Olostep service.

Why it was flagged

The skill sends scraping/search/crawl tasks through Olostep's external API using an authenticated provider flow; that data boundary is expected but important for users to understand.

Skill content
**Base URL:** `https://api.olostep.com/v1`
**Auth:** `Authorization: Bearer <API_KEY>`
Recommendation

Do not send private, internal, or regulated URLs/data unless your policy allows Olostep to process them.