Skill v1.0.0
ClawScan security
Web Scraping Tool Selection Strategy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 9, 2026, 9:35 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only guidance skill that coherently recommends when to use opencli vs playwright-cli for scraping; it does not request credentials or install code, but it does encourage practices (reusing logged-in browser state) that carry privacy and legal risks the user should understand.
- Guidance: This skill is a coherent, instruction-only guide for choosing opencli vs playwright-cli. Before using it: 1) Verify you will manually install and review opencli/playwright-cli from official sources (don’t run unknown installers). 2) Be cautious about reusing logged-in browser state — don’t give an agent access to your browser profile, cookies, or passwords unless you explicitly trust the environment; doing so can expose private account data. 3) The SKILL.md mentions companion scripts that aren’t bundled here—inspect any such scripts before running. 4) Ensure your scraping activities comply with target sites’ terms of service and applicable laws. 5) Prefer manual review and least-privilege testing (use throwaway accounts or isolated browser profiles) when validating the recommended commands.
Review Dimensions
- Purpose & Capability (note): The skill's name and description match the instructions: it is a tool-selection strategy between opencli and playwright-cli. It does not request unrelated credentials or binaries. Minor inconsistency: SKILL.md references companion scripts/files (e.g., scripts/web_scraping_validator, references/platform_mapping_table) that are not present in the file manifest—this is a documentation/packaging omission but does not imply malicious behavior.
- Instruction Scope (note): Instructions stay on-topic (how to choose and invoke opencli/playwright-cli). They explicitly recommend reusing logged-in Chrome browser state to access post-login data and to bypass anti-bot measures; while coherent for the stated purpose, this step can expose private account data if performed automatically or without care. The skill does not instruct the agent to read arbitrary system files or exfiltrate data to external endpoints, but following its guidance requires elevated access to a browser profile/session outside the skill's own control.
- Install Mechanism (ok): No install spec and no code files to execute — instruction-only skill. This minimizes surface area: nothing is downloaded or written by the skill itself.
- Credentials (note): The skill declares no required env vars or credentials (proportional). However it implicitly depends on user-managed credentials/sessions (logged-in browser state and site accounts). That dependence is reasonable for the guidance given, but users should not hand over browser profiles, cookies, or credentials to untrusted agents.
- Persistence & Privilege (ok): The skill is not always-enabled and makes no requests to modify other skills or system configuration. Autonomous invocation is allowed by platform default but the skill does not request elevated persistent privileges.
