ClawHub

Authorized Session Scrape

v1.0.0

Continue searching and extracting within a user-authorized local browser session after the user logs in. Use for pagination, site search, tab-by-tab extracti...

0· 52·1 current·1 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description align with the SKILL.md: the skill is explicitly for continuing scraping/extraction inside a user-authorized browser session and does not request unrelated credentials, binaries, or installs.
Instruction Scope
Instructions stay within the stated purpose and explicitly prohibit bypassing login. However the doc refers to 'use the local browser path' and instructs opening tabs/navigation without declaring how the agent will perform those actions—this is ambiguous and could lead to different implementations (manual user-driven steps vs automated browser control). The instructions do not direct reading of extraneous files or environment variables.
Install Mechanism
No install spec and no code files are present (instruction-only), so there is no download or archive-extraction risk.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate to a skill that relies on the user's active browser session and explicit user login.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent or system-wide privileges. The skill will rely on the agent's normal invocation model.
Assessment
This skill appears coherent with its purpose, but before installing check how your agent will implement the instructions: will it ask you to perform all browser actions manually, or will it try to automate the local browser (which may require additional capabilities or permissions)? Confirm the agent will not ask for cookies, exported session tokens, or your passwords—this SKILL.md explicitly forbids bypassing login and doesn't request credentials. If you plan to let the agent control your browser, test it with non-sensitive accounts/pages first and only enable autonomous invocation if you trust the agent and its execution environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cskwnx5vg6xv11xragmbee183tdmm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments