Lockpicker
Pass. Audited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill
Name: lockpicker
Version: 1.0.1
The 'lockpicker' skill is a utility for reverse-engineering and automating web workflows based on a user's own authenticated browser sessions. It includes scripts for extracting cookies and headers from HAR files (extract_cookie_headers.py) and for generating Python request templates (scaffold_direct_client.py). While the tool handles sensitive authentication material, its logic is restricted to local file operations, and the instructions in SKILL.md and safety-boundaries.md explicitly direct the agent to maintain data privacy, avoid exfiltration, and respect service terms. No evidence of malicious intent or hidden backdoors was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: A bad capture, a stale token, or an incorrect generated script could post, upload, schedule, or queue actions on the user's account, and may trigger rate limits or account challenges.
Detail: The skill intentionally turns authenticated browser workflows into direct replay scripts for account-mutating actions, including publishing and queued/batched operations.
Evidence: "turning that known-good browser workflow into a reusable local script... such as upload, publish, schedule, or queue operations"
Recommendation: Prefer official APIs when available. Require explicit user confirmation for the site, the action, the target account, the batch size, and the first live test; keep batches small and validate with a dry run or a single item before anything larger.
Impact: Anyone who obtains the HAR file, the extracted auth files, or the generated client inputs may be able to act as the logged-in user until the session expires or is revoked.
Detail: The workflow depends on live browser session credentials that can act as the user, rather than on a narrowly scoped credential designed for automation.
Evidence: "Depending on the site, replay may require some or all of: - raw `Cookie` header - csrf token header - Authorization header... These values often grant live account access."
Recommendation: Use the skill only on accounts and services you control. Prefer scoped API tokens or a low-privilege test account, keep session files private, and log out or revoke the sessions after testing.
Impact: Plain-text auth files or HAR-derived outputs can be accidentally backed up, shared, pasted into chat, or reused later with more authority than intended.
Detail: The helper in extract_cookie_headers.py writes live cookie material to a plain-text local file, and similar code writes the CSRF and Authorization headers when present.
Evidence:
p = out_dir / 'cookie-header.txt'; p.write_text(lowered['cookie'].strip(), encoding='utf-8')
Recommendation: Store extracted auth only in a restricted temporary directory, avoid cloud-synced folders, never paste it into chat, and delete the HAR file, the auth files, and the generated scripts when finished.
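The following Python example is added here as an illustration and is not code from the lockpicker skill or from ClawScan. It serves both items above: it pulls the header kinds the review lists (raw Cookie, a CSRF token header, Authorization) out of a HAR dictionary in the shape browsers export, shows only a redacted form of each, and writes the values into a fresh 0700 temporary directory as 0600 files instead of a bare write_text into the working directory. The SAMPLE_HAR content is constructed, and the function names and the 'lockpicker-auth-' prefix are assumptions.

```python
import os
import re
import stat
import tempfile
from pathlib import Path

# Constructed sample HAR (not a real capture): one authenticated POST carrying the
# three header kinds the review mentions plus one harmless header.
SAMPLE_HAR = {
    "log": {
        "entries": [
            {
                "request": {
                    "method": "POST",
                    "url": "https://example.test/api/v1/posts",
                    "headers": [
                        {"name": "Cookie", "value": "session=abcdef123456; theme=dark"},
                        {"name": "X-CSRF-Token", "value": "csrf-0011223344"},
                        {"name": "Authorization", "value": "Bearer eyJtoken.payload.sig"},
                        {"name": "Accept", "value": "application/json"},
                    ],
                }
            }
        ]
    }
}

# Header names that by themselves usually grant live account access.
SENSITIVE = {"cookie", "authorization"}
CSRF_NAME = re.compile(r"csrf|xsrf", re.IGNORECASE)


def extract_auth_headers(har, url_substring):
    """Return {lowercased name: value} for the auth-bearing headers of the first
    request whose URL contains url_substring; {} if no request matches."""
    for entry in har["log"]["entries"]:
        req = entry["request"]
        if url_substring not in req["url"]:
            continue
        found = {}
        for h in req["headers"]:
            name = h["name"].lower()
            if name in SENSITIVE or CSRF_NAME.search(name):
                found[name] = h["value"].strip()
        return found
    return {}


def redact(value, keep=4):
    """Safe-to-display form: the first `keep` characters plus the length, never the secret."""
    return f"{value[:keep]}...({len(value)} chars)"


def write_private(auth, base_dir=None):
    """Write each header value to its own file inside a fresh private directory.

    tempfile.mkdtemp creates the directory 0700; os.open with O_EXCL and mode
    0o600 makes each file owner-only and refuses a file someone else pre-planted.
    Contrast with a bare write_text into the current directory, which inherits
    the umask and may land in a cloud-synced or version-controlled folder.
    """
    out_dir = Path(tempfile.mkdtemp(prefix="lockpicker-auth-", dir=base_dir))  # prefix is an assumption
    for name, value in auth.items():
        fd = os.open(out_dir / f"{name}.txt", os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w", encoding="utf-8") as f:
            f.write(value)
    return out_dir


def mode_of(path):
    """Permission bits of a path (e.g. 0o600), for checking what was actually written."""
    return stat.S_IMODE(Path(path).stat().st_mode)


def cleanup(out_dir):
    """Delete the extracted auth files and their directory once the session is done."""
    out_dir = Path(out_dir)
    for p in out_dir.iterdir():
        p.unlink()
    out_dir.rmdir()


if __name__ == "__main__":
    auth = extract_auth_headers(SAMPLE_HAR, "/api/v1/posts")
    for name, value in auth.items():
        print(f"{name}: {redact(value)}")  # only the redacted form is ever printed
    d = write_private(auth)
    print("written to", d, "dir mode", oct(mode_of(d)))
    cleanup(d)
```

In real use the HAR would come from json.load on the exported file; the redacted form is the only thing that should ever reach a log, a chat window, or a bug report.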
Impact: Running or extending the generated code without review could send unintended authenticated requests once the user adds replay logic.
Detail: The helper in scaffold_direct_client.py generates a local Python client scaffold from captured request data. The scaffold as provided writes code but does not execute it.
Evidence:
Path(args.out).write_text(rendered, encoding='utf-8')
Recommendation: Inspect generated scripts before running them, keep them local, and test against one harmless item before adding mutation, scheduling, or batching logic.
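As an added illustration, not code from the skill or from ClawScan, of the recommendations above on dry runs, explicit confirmation, a one-item first live test, and small batches, this Python sketch wraps whatever request logic a generated client ends up with in a guard object. The class name, its defaults (a cap of 5 per batch), and the callable transport it takes are assumptions; a real run would pass in a wrapper over an HTTP session, but offline the example records calls instead of sending them.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional


@dataclass
class PreparedCall:
    """What a replay would send, kept as data so it can be inspected before any network I/O."""
    method: str
    url: str
    headers: dict
    json_body: Optional[dict]


@dataclass
class GuardedReplay:
    """Guard around generated replay code (illustrative; not part of the skill).

    - dry_run defaults to True: calls are recorded, nothing is sent.
    - live replay of more than one item is refused until a single-item live
      call has succeeded (the "first live test").
    - every live batch needs an explicit yes from `confirm`, which receives a
      summary naming the site, the action and the batch size.
    - batches above max_batch are rejected outright.
    """
    base_url: str
    auth_headers: dict
    send: Optional[Callable[[PreparedCall], object]] = None  # real transport; None means offline
    confirm: Callable[[str], bool] = lambda summary: False   # default: nobody has said yes
    max_batch: int = 5                                      # assumed cap; tune per service
    dry_run: bool = True
    validated: bool = False
    recorded: List[PreparedCall] = field(default_factory=list)
    sent: List[PreparedCall] = field(default_factory=list)

    def _prepare(self, method, path, body):
        headers = {"Accept": "application/json", **self.auth_headers}
        return PreparedCall(method, self.base_url.rstrip("/") + path, headers, body)

    def replay(self, method, path, items):
        """Replay one request per item; returns recorded calls (dry run) or transport results (live)."""
        if len(items) > self.max_batch:
            raise ValueError(f"batch of {len(items)} exceeds cap of {self.max_batch}")
        calls = [self._prepare(method, path, item) for item in items]
        if self.dry_run:
            self.recorded.extend(calls)
            return calls
        if self.send is None:
            raise RuntimeError("live replay requested but no transport was supplied")
        if len(calls) > 1 and not self.validated:
            raise RuntimeError("run a one-item live test before replaying a batch")
        summary = f"{method} {path} x{len(calls)} against {self.base_url} as the captured session"
        if not self.confirm(summary):
            raise PermissionError("live replay not confirmed: " + summary)
        results = []
        for call in calls:
            results.append(self.send(call))
            self.sent.append(call)
        self.validated = True  # a successful live run unlocks batches
        return results


if __name__ == "__main__":
    # Offline demo: dry run only, so nothing leaves the machine.
    client = GuardedReplay("https://example.test", {"Cookie": "session=REDACTED"})
    for call in client.replay("POST", "/api/v1/posts", [{"title": "draft one"}]):
        print("would send", call.method, call.url, sorted(call.headers))
```

The order of the checks matters: the batch cap and the dry-run short-circuit come before anything that could touch the network, and the confirmation prompt carries the site, action and count so the user is approving a specific replay rather than the tool in general.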
