Agent Reach
WarnAudited by ClawScan on May 18, 2026.
Overview
This skill broadly matches its web-access purpose, but it asks the agent to use login cookies, browser session data, anti-bot automation, and unreviewed remote setup steps without clear boundaries.
Review this skill carefully before installing. If you use it, use separate low-privilege accounts, do not provide broad browser cookies, manually review any remote setup instructions, and require explicit confirmation before logged-in actions, publishing, or anti-bot browser automation.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could act as the user on logged-in websites if it receives or reads browser session cookies.
Browser cookies and imported cookies are account session credentials; the skill requests them broadly without declaring a credential requirement or bounding which accounts, cookies, or permissions may be used.
Use `--cookies-from-browser chrome` or configure proxy. ... Requires login. Use Cookie-Editor to import cookies. ... User only provides cookies. Everything else is your job.
Only use dedicated low-privilege accounts, avoid sharing broad browser profiles, and require explicit approval before any logged-in action.
The agent may follow unreviewed remote setup instructions or install dependencies beyond what this package declares.
The skill points the agent to a remote setup guide that is not included in the reviewed artifact set and frames the remaining setup work as the agent's responsibility, despite having no install spec.
If a channel needs setup (cookies, Docker, etc.), fetch the install guide: https://raw.githubusercontent.com/Panniantong/agent-reach/main/docs/install.md User only provides cookies. Everything else is your job.
Review the remote install guide manually before use, pin trusted installation sources, and require user confirmation before installing tools or running setup commands.
Using anti-bot bypass tooling could violate site rules, trigger account or IP restrictions, or use automation in ways the user did not expect.
The skill explicitly instructs use of a browser automation path advertised as bypassing anti-bot protections, which is sensitive and not clearly bounded by user approval or platform-risk guidance.
**Read** (Camoufox — bypasses WeChat anti-bot): ```bash cd ~/.agent-reach/tools/wechat-article-for-ai && python3 main.py "https://mp.weixin.qq.com/s/ARTICLE_ID" ``` > WeChat articles cannot be read with Jina Reader or curl. Must use Camoufox.
Do not use anti-bot bypass features unless the user explicitly authorizes them and understands the account and platform risks.
The agent could publish content or interact with social platforms under the user's account.
Public posting is disclosed and tied to user requests, but it is still a high-impact account action that should not happen without clear final confirmation.
Use when: ... (4) user asks to post, comment, or interact on supported platforms ... mcporter call 'xiaohongshu.publish_content(title: "标题", content: "正文", images: ["/path/img.jpg"], tags: ["tag"])'
Require an explicit final review and confirmation before publishing, commenting, liking, or otherwise mutating any third-party account.
Search queries and URLs may be sent to third-party services.
The skill routes URLs, queries, and platform requests through external reader/search/provider gateways; this is expected for the purpose but the artifacts do not describe data handling boundaries.
curl -s "https://r.jina.ai/URL" ... mcporter call 'exa.web_search_exa(query: "query", numResults: 5)'
Avoid submitting private links, confidential queries, or sensitive account data unless the user accepts those providers' data handling.