Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Anti-Bot Scraper

v1.0.0

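A Playwright-based anti-bot web scraping skill. Supports normal, stealth, and batch modes. Built-in anti-detection techniques (hiding webdriver, random UA, Canvas/WebGL fingerprint protection) bypass common anti-scraping mechanisms. Use cases: scraping web page content, scraping behind anti-bot defenses, batch collection, saving screenshots. Trigger keywords: scrape, 抓取, 爬虫, 反爬, stealt...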

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (anti-bot Playwright scraper) match the included files and runtime behavior: scripts implement simple, stealth, and batch scraping, with UA/viewports/fingerprint tweaks and optional proxy/cookie input. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md instructs the agent/user to run npm install, optionally run scripts/setup.js which itself may run npm install and npx playwright install chromium, and to execute the provided node scripts. The scripts read URL lists, accept proxy/cookie inputs, and write screenshots/HTML/JSON output to disk — all consistent with scraping functionality. One caveat: the provided stealth injection code (truncated in the package listing) modifies many browser-exposed APIs to evade detection; this is expected for the stated purpose but is also sensitive behavior (fingerprint evasion).
Install Mechanism
No platform install spec is present, but package.json and package-lock.json require npm install and the postinstall runs 'npx playwright install chromium' (plus scripts/setup.js also runs npm and npx). This will download packages and browser binaries (Playwright/Chromium) from registries/mirrors. This is expected for a Playwright-based tool but is a higher-risk install action than an instruction-only skill because it writes binaries to disk and runs lifecycle scripts.
Credentials
The skill requests no environment variables or credentials. Command-line options accept proxy URLs and cookie JSON (user-supplied); that is appropriate for a scraper. There are no hidden env accesses in the visible code. No broad credential access or unrelated env vars are requested.
Persistence & Privilege
Skill flags are default (always: false, user-invocable: true) and it does not request permanent agent presence or modify other skills' configs. It does install local dependencies and browser binaries into the user's environment when npm install / npx playwright runs, which is normal for Playwright tools but should be run with user consent.
Assessment
This package appears to be what it says: a Playwright-based stealth scraper. Before installing or running it, consider the following: (1) install in a controlled/sandbox environment (container or VM) because npm install and npx playwright install chromium will download and install packages and a browser binary to disk; (2) review the remainder of the stealth injection code (the SKILL listing was truncated) to ensure there are no unexpected network callbacks or telemetry; (3) be aware that fingerprint-evasion code is sensitive and may violate target sites' terms of service or local law—use responsibly and ethically; (4) verify package sources (npm registry/mirror) and run 'npm audit' if possible; (5) when running batch jobs, avoid providing sensitive credentials via command-line/cookie arguments and monitor outgoing network traffic (proxy usage) to ensure no data exfiltration. If you need higher assurance, request a full untruncated review of scripts/scraper-stealth.js and monitor the first npm install in an isolated environment.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/scraper-batch.js:101 - Shell command execution detected (child_process).
scripts/setup.js:27 - Shell command execution detected (child_process).

Like a lobster shell, security has layers — review code before you run it.
