ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Console Patrol

v0.1.0

Automatically scans web apps for console errors and warnings, providing framework-specific diagnostics and fix suggestions for React, Ant Design, and Element...

0· 87·0 current·0 all-time
byThatsD@zhzgao

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for zhzgao/console-patrol.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Console Patrol" (zhzgao/console-patrol) from ClawHub.
Skill page: https://clawhub.ai/zhzgao/console-patrol
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install console-patrol

ClawHub CLI

Package manager switcher

npx clawhub@latest install console-patrol
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and runtime examples align: a console-scanning tool reasonably needs a Python package and a headless browser (Playwright/Chromium) to execute scans and capture console output.
!
Instruction Scope
SKILL.md tells the agent to run pip install console-patrol and playwright install chromium (including example subprocess.run code). Those runtime install instructions will download and execute third-party code and binaries and will allow the skill to fetch arbitrary URLs supplied for scanning. The instructions do not constrain where packages/binaries are installed (system vs virtualenv) or limit target URLs, which broadens the skill's runtime effects.
!
Install Mechanism
There is no formal install spec; instead the README instructs the agent to pip install a package named 'console-patrol' and run Playwright's installer. Installing from PyPI and downloading Chromium are reasonable for the functionality but risky without provenance: pip packages can execute arbitrary code during install, and Playwright will download large browser binaries. No package version pinning, checksums, or official upstream links/homepage are provided.
Credentials
The skill does not request environment variables, credentials, or config paths — proportional to the stated purpose. However, runtime installation will modify the agent environment (install packages/binaries), which is a side effect not declared in metadata.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The SKILL.md explicitly instructs installing packages and browser binaries, which creates persistent files on disk and may change the agent environment; this is expected for such a tool but increases the blast radius compared to an instruction-only skill that makes no on-disk changes.
What to consider before installing
This skill's purpose and code examples are coherent, but it asks the agent to install a PyPI package ('console-patrol') and Playwright/Chromium at runtime without providing a source URL, package version, checksums, or homepage. Before installing, verify the package provenance (PyPI project page, GitHub repo, maintainer), prefer a pinned version and checksum, and run installs in an isolated environment (virtualenv or sandbox) to avoid altering system-wide Python or downloading untrusted binaries. If you cannot verify the package/source, avoid running the automatic pip/playwright install and ask the skill's author for a signed release or official upstream link. Also be cautious about scanning arbitrary remote URLs (possible sensitive-target scanning or SSRF) and consider limiting scanning to trusted hosts or local development instances.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b88m1d7mn6j3d44mrt7ea6983y638
87downloads
0stars
1versions
Updated 3w ago
v0.1.0
MIT-0
ThatsD@zhzgao
latest
Download

ConsolePatrol Skill

Name

console-patrol

Description

AI-First Console Error & Warning Detector for Web Applications. Automatically scans web pages to detect console errors and warnings, with framework-specific rules for Ant Design, React, and Element UI.

When to Use

Use this skill when the user asks to:

  • "Check for console errors"
  • "Scan pages for warnings"
  • "Audit a web app"
  • "Find issues in the application"
  • "Debug console output"
  • Fixing React/antd/Element UI warnings

Prerequisites

The skill uses console-patrol package:

pip install console-patrol
playwright install chromium

Core Workflow

1. Quick Scan (Recommended)

from console_patrol import ConsolePatrol

patrol = ConsolePatrol()
result = patrol.scan(
    url="http://localhost:3000",
    routes=[
        "http://localhost:3000/",
        "http://localhost:3000/dashboard",
        "http://localhost:3000/settings",
    ],
    wait_time=2.0,
)

print(f"Issues found: {result.report.total_issues}")
for issue in result.issues:
    print(f"[{issue.severity.value}] {issue.rule_id}")
    print(f"  Fix: {issue.suggestion}")

2. Auto-Discover Routes

from console_patrol import ConsolePatrol

patrol = ConsolePatrol()
result = patrol.scan(
    url="http://localhost:3000",
    router_type="react",
    base_path="/admin",
    auto_discover=True,  # Auto-discover common routes
)

3. With Framework Auto-Detection

result = patrol.scan(
    url="http://localhost:3000",
    routes=["http://localhost:3000/"],
    detect_framework=True,  # Auto-detect UI framework
)
print(f"Detected: {result.framework_info.ui_framework}")

4. CLI Usage

# Scan with auto-discovery
console-patrol scan http://localhost:3000 --router-type react --auto-discover

# Scan specific routes
console-patrol scan http://localhost:3000 --routes "/,/dashboard,/about"

# With screenshots on errors
console-patrol scan http://localhost:3000 --screenshot

# Output formats
console-patrol scan http://localhost:3000 --format markdown

Detection Rules

Severity Levels

LevelMeaningExit Code
P0Fatal (crashes, JS exceptions)2
P1Warning (framework issues)1
P2Hint (code smell)0

Built-in Rules

Ant Design

  • antd-useForm-unhooked (P1): form.getFieldValue() called outside Form
  • antd-modal-context (P1): Static modal in React 18
  • antd-tree-missing-keys (P1): Tree wildcard keys
  • antd-table-duplicate-key (P0): Duplicate key in Table

React

  • react-uncaught-error (P0): Uncaught JS exception
  • react-chunk-load-error (P0): Module load failure
  • react-hooks-rules (P1): Hooks violation
  • react-list-missing-key (P2): Missing key prop

Response Format

When issues are found, respond with:

## ConsolePatrol Scan Results

**Pages Scanned:** N
**Total Issues:** N

| Severity | Count |
|----------|-------|
| P0 (Fatal) | N |
| P1 (Warning) | N |
| P2 (Hint) | N |

### Issues

**[P0] react-uncaught-error**
- Message: Error description
- Location: page URL
- Fix: Suggestion

**[P1] antd-useForm-unhooked**
- Message: Error description
- Location: page URL
- Fix: Use state instead of form.getFieldValue() in render

Important Notes

  1. Wait Time: Default 2s after page load. Increase for SPAs with lazy loading.
  2. Screenshots: Use --screenshot flag to capture error screenshots.
  3. Frameworks: Pass --frameworks antd,react to limit rule scope.
  4. Exit Codes: Use in CI/CD: if [ $? -gt 0 ]; then echo "Issues found"; fi

Installation for Agent

If console-patrol is not installed:

import subprocess
subprocess.run(["pip", "install", "console-patrol"], check=True)
subprocess.run(["playwright", "install", "chromium"], check=True)

Edge Cases

  • Page not loading: Timeout is 30s by default. Check if dev server is running.
  • No issues found: Report success, no action needed.
  • P0 issues: Always highlight as critical, suggest immediate fix.
  • Framework not detected: Use default rules (antd, react, element).

Comments

Loading comments...