ClawHub

Authenticated Web Research

v1.0.0

Use stronger lawful workflows for sites the user is authorized to access, including local browser login, session-aware browsing, JS-heavy pages, and post-log...

0· 59·1 current·1 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the skill focuses on workflows for pages that require user login or client-side rendering. It does not request unrelated credentials, binaries, or system paths.
Instruction Scope
SKILL.md stays within the declared purpose (open local browser, have user log in, extract post-login content). One ambiguous phrase is "inspect visible text, links, and network behavior where appropriate" — inspecting network behavior could imply collecting request details or logs; the doc otherwise emphasizes keeping the session local and not requesting passwords. Recommend clarifying what "inspect network behavior" is allowed to capture and how that data is handled.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing will be written to disk or fetched at install time.
Credentials
The skill requires no environment variables, credentials, or config paths. It explicitly instructs not to ask for raw passwords when browser login is possible, which is proportionate.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or modification of other skills or system settings.
Assessment
This skill appears coherent and low-risk because it only gives instructions for having you log in locally and then extracting content you can access. Before using it, confirm: (1) you will perform the login in your own browser (do not paste passwords or session cookies into chat), (2) you understand whether the agent can view your screen or browser tabs (some agent setups can automate or capture browser state), and (3) clarify with the skill whether any network logs or request details will be captured or transmitted. If you want stronger guarantees, only use it with an agent that cannot access your clipboard, system files, or remote browser sessions.

Like a lobster shell, security has layers — review code before you run it.

latestvk975nfeza7cjc0s5mfq2nnkbcn83th5s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments