substack AI news SEARCH
v1.0.0Scrape AI-related articles from Substack search using browser automation. Uses agent-browser to render Substack's JS-dependent search page, extract titles, a...
⭐ 0· 14·0 current·0 all-time
byJay@goog
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim browser-rendered Substack search scraping; the SKILL.md and scripts/scrape_substack.py implement exactly that using the agent-browser CLI and Substack search URLs. No unrelated services, binaries, or credentials are requested.
Instruction Scope
Instructions only drive agent-browser to open the Substack search URL, wait, snapshot, optionally scroll, and close. The script parses snapshot output for '- link' lines to extract article text. This stays within the stated scraping task, but note the snapshot output can include any visible page text (including headers, banners, or user-specific content if the browser is authenticated), so results may surface extra page content.
Install Mechanism
No install spec — instruction-only plus a small helper script. Nothing is downloaded or written to disk by an installer, which is low risk.
Credentials
The skill requests no environment variables or credentials (proportional). However, because it drives the agent-browser, it will use whatever browser profile the agent has access to; that can expose cookies, session tokens, or authenticated pages to Substack during browsing. The skill itself does not request secret env vars or external endpoints beyond substack.com.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or access to other skills' configs. Autonomous invocation is allowed (platform default) but not combined with elevated privileges.
Assessment
This skill appears to do what it says: open a Substack search page in the agent's browser, snapshot results, and return a list. Before installing, ensure agent-browser is available in your environment and consider which browser profile the agent will use — if that profile contains cookies or logins, visits to Substack will include those credentials. Test with innocuous queries first. Note: the Python script builds the URL safely (URL-quoting the query) and does not inject shell commands, but you may encounter a functional issue because subprocess.run is called with a single string while shell=False (this may require passing a list of args or using shell=True depending on platform). If you want stricter privacy, run the skill with an ephemeral/clean browser profile or isolate it from authenticated sessions.Like a lobster shell, security has layers — review code before you run it.
latestvk978wqjzhjqjsg9bsq18mhgm59849dys
License
MIT-0
Free to use, modify, and redistribute. No attribution required.