Web Scraper as a Service
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run local Python scraping scripts and write output files, so mistakes in generated code could affect the working directory or produce unintended requests.
The skill authorizes the agent to write and run scraper code locally. This is central to the stated purpose, but it means generated code may execute and create or modify project files.
allowed-tools: Read, Write, Edit, Grep, Glob, Bash, WebFetch, WebSearch ... Generates the scraper, runs it, cleans the data, and packages everything for the client.
Review generated scraper code before running it, keep work in a dedicated project directory, and confirm the requested scrape scope before execution.
A user could unintentionally violate a site's terms, robots.txt, or rate limits if these techniques are used to bypass restrictions rather than to scrape authorized content responsibly.
The skill includes scraping techniques that can be legitimate for compatibility and diagnostics but can also be misused to evade site controls if not bounded by the ethical rules later in the artifact.
What anti-scraping measures are visible? (Cloudflare, CAPTCHAs, rate limits) ... User-Agent rotation ... at least 5 user agents
Use only on sites you are authorized to scrape, do not bypass CAPTCHAs or access controls, respect robots.txt and ToS, and use honest identification and conservative rate limits.