Lockpicker
Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill is transparent and safety-aware, but it handles live browser session credentials and replays authenticated website actions, so it should be reviewed carefully before use.
Use this only if you are comfortable handling live browser-session secrets. Do not use it on accounts or sites you are not authorized to operate, prefer official APIs when possible, keep HAR and auth files out of chat and cloud sync, review generated scripts, test one item first, and delete extracted credentials when finished.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: A bad capture, stale token, or incorrect generated script could post, upload, schedule, or queue actions on the user's account and may trigger rate limits or account challenges.
The skill intentionally turns authenticated browser workflows into direct replay scripts for account-mutating actions, including publishing and queued/batched operations.
Evidence: "turning that known-good browser workflow into a reusable local script... such as upload, publish, schedule, or queue operations"
Mitigation: Prefer official APIs when available. Require explicit user confirmation for the site, action, target account, batch size, and first live test; keep batches small and use dry-run or one-item validation first.

Finding 2: Anyone who obtains the HAR, extracted auth files, or generated client inputs may be able to act as the logged-in user until the session expires or is revoked.
The workflow depends on live browser session credentials that can act as the user, rather than a narrowly scoped credential designed for automation.
Evidence: "Depending on the site, replay may require some or all of:
  - raw `Cookie` header
  - csrf token header
  - Authorization header
  ... These values often grant live account access."
Mitigation: Use only on accounts and services you control. Prefer scoped API tokens or a low-privilege test account, keep session files private, and log out or revoke sessions after testing.

Finding 3: Plain-text auth files or HAR-derived outputs can be accidentally backed up, shared, pasted into chat, or reused later with more authority than intended.
The helper writes live cookie material to a plain-text local file, and similar code writes CSRF and Authorization headers when present.
Evidence:
  p = out_dir / 'cookie-header.txt'; p.write_text(lowered['cookie'].strip(), encoding='utf-8')
Mitigation: Store extracted auth only in a restricted temporary directory, avoid cloud-synced folders, do not paste it into chat, and delete HAR/auth files and generated scripts when finished.

Finding 4: Running or extending generated code without review could send unintended authenticated requests once the user adds replay logic.
The helper generates a local Python client scaffold from captured request data. The provided scaffold writes code but does not automatically execute it.
Evidence:
  Path(args.out).write_text(rendered, encoding='utf-8')
Mitigation: Inspect generated scripts before running them, keep them local, and test against one harmless item before adding mutation, scheduling, or batching logic.
