Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sf Scraper

v0.1.0

Scrape employee data from a logged-in SAP SuccessFactors browser session using browser automation. Use when: user provides an employee ID and wants employee...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (scrape employee data from an authenticated SuccessFactors browser session) matches the SKILL.md: all runtime instructions are browser snapshots/actions using an attached OpenClaw Browser Relay in Chrome. The declared requirements (none) are consistent because the skill depends on the live browser session and extension rather than environment variables or external binaries.
Instruction Scope
The SKILL.md explicitly directs the agent to use browser(action="snapshot"/"act"/"navigate") against the user's authenticated Chrome session and to navigate deep links, search, and admin pages. It does not call external network endpoints other than the user's SF instance. However, the instructions give broad capability to read and interact with any content in the attached browser session (including admin pages), and they do not constrain which fields are scraped or how results are returned — a genuine functional need but also a privacy/visibility concern for sensitive data.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low-risk from an install perspective because nothing is written to disk by the skill bundle itself.
Credentials
The skill requests no environment variables or credentials in its metadata. It relies on the user's authenticated browser session (via the Browser Relay extension) for access, which is proportional to the stated goal. There are no unrelated credential requests.
Persistence & Privilege
The skill is not marked always:true, which is good. Model invocation remains enabled (default), meaning the agent could invoke this skill autonomously; combined with the Browser Relay attachment, that would allow automated access to the user's active browser session. Autonomous invocation is platform-default, but users should be aware of the higher blast radius when a skill can interact with an authenticated browser without additional human confirmation.
Assessment
This skill does what it says — it uses the Browser Relay to read and interact with your logged-in SuccessFactors session. Before installing or enabling it:
1) Only enable it if you fully trust the skill owner and understand company policy about scraping employee data.
2) Be aware it can see anything in the attached Chrome profile (open tabs, cookies, session state).
3) Prefer to use it with explicit user invocation only (avoid allowing autonomous runs).
4) Test first on a non-sensitive/demo account to validate behavior.
5) Remove/disable the Browser Relay extension or detach the session when not actively using the skill.
6) If in doubt about legality or privacy, consult your security/privacy team before using.

Like a lobster shell, security has layers — review code before you run it.
