ClawHub

Upwork Automation Using Ai

v1.0.0

Automate Upwork login, search, filter, and proposal drafting in one browser session, stopping before submission unless explicitly instructed.

0· 501·3 current·4 all-time
by@adeel-powerhouse
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description describe browser-driven Upwork automation and the SKILL.md contains step-by-step browser automation instructions (login, search, filter, open job, fill proposal). No extraneous environment variables, binaries, or installs are requested — this footprint is consistent with the stated purpose.
Instruction Scope
Instructions explicitly perform interactive browser actions (including login flows, handling captcha/2FA/manual checkpoints, clicking Apply, filling proposal fields) and require reading page text/screenshots. The skill refuses to persist credentials and states it will stop before submission unless told. This scope is appropriate for the task, but it means the agent will handle sensitive credentials provided at runtime and will read page content — users should be aware of that behavior.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is downloaded or written to disk by an installer, which minimizes installation risk.
Credentials
No environment variables, primary credential, or config paths are required. The skill relies on user-provided credentials at run time only (per its text), which is proportionate to the stated functionality.
Persistence & Privilege
always is false, no installs, and the SKILL.md forbids persisting credentials to files. The skill does not request persistent system presence or elevated privileges.
Assessment
This skill is coherent with its purpose, but it automates a browser and will ask you to provide Upwork (or Google) credentials interactively for a run. Before using it: (1) only provide credentials when you are ready to perform the session and avoid giving long-term API tokens or password dumps, (2) prefer testing on a non-critical account first, (3) confirm the agent shows screenshots/state checks before any sensitive clicks, and (4) verify it does not submit proposals unless you explicitly say “submit now.” If you rely on Google SSO, expect cross-site authentication flows and possible 2FA prompts — the skill may ask you to complete those manually. If anything looks unexpected (requests to save credentials, to access unrelated services, or to submit without confirmation), stop and revoke access.

Like a lobster shell, security has layers — review code before you run it.

latestvk974hvtsdg13cfydf3j2hfqadx81tc26

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments