Skill v1.0.4

ClawScan security

Kuaishou Bilibili Publish · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 4, 2026, 1:32 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it automates uploading via a Chrome CDP client, and the included code, arguments, and docs match the stated purpose. It will, however, operate using your browser session, and it contains anti-bot/stealth logic you should be aware of.
Guidance
This skill will control a Chrome browser (yours or one it starts), upload files you point it at, and act using whatever accounts are logged into that browser. That behavior is necessary for its purpose but is powerful: only run it with a browser/profile you trust, or use a dedicated disposable profile (pass --user-data-dir to point it at an isolated profile). Run first with --no-publish to verify form filling before allowing an actual publish. Review STEALTH_JS/STEALTH_ARGS in chrome_launcher.py if you have policy or fingerprinting concerns, and inspect the code locally before installing. Finally, install dependencies in a controlled environment (virtualenv), and avoid reusing your primary Chrome profile unless you accept the script acting on your behalf.
Findings
[stealth-evasion] expected: The code contains STEALTH_ARGS and injected STEALTH_JS that override navigator.webdriver, vendor, languages, and WebGL fingerprint values. This is common in browser automation to avoid anti-bot detection but worth noting because it deliberately alters browser fingerprinting.
[process-control] expected: chrome_launcher uses subprocess to launch/terminate Chrome and includes logic to find and kill processes by port. This is expected for managing a local Chrome instance for CDP automation.
[local-file-access] expected: Scripts set file inputs (video and cover) and write debug HTML to the skill directory. Access to local files is required for uploading media but means local paths you supply will be read.

Review Dimensions

Purpose & Capability
ok: Name/description match the implementation: CLI + CDP-based browser automation for Kuaishou, Bilibili, and Douyin. The code implements upload, cover setting, title/keyword filling and publish flows, and the CLI and parameters in SKILL.md line up with the scripts.
Instruction Scope
ok: SKILL.md restricts actions to local browser automation via Python scripts, and the code follows that: navigation, file-input setting, element interaction, and saving debug HTML. The skill asks the user to provide local file paths and a running Chrome (or to launch one via the provided launcher). There are no hidden external endpoints or calls to third-party web APIs beyond connecting to Chrome and the target sites.
Install Mechanism
ok: No unusual install mechanism in the registry; dependencies are standard PyPI packages (requests, websockets). There is no remote download of arbitrary archives or execution of code from untrusted URLs in the install spec.
Credentials
note: The skill declares no required environment variables, which is reasonable. The code will, however, read optional env vars (CHROME_BIN, KBS_PROXY, HTTPS_PROXY/HTTP_PROXY) and uses or creates a browser profile (default ~/.kbs/chrome-profile) and/or connects to an existing Chrome debug port. It therefore has access to whatever browser profile/cookies you point it at (so it can act as any logged-in user). This is proportionate to a browser-automation uploader but is a privacy/authority risk you should consider.
Persistence & Privilege
note: The skill does not request always:true and does not declare system-wide persistent privileges. It may start or kill Chrome processes and will reuse or create a Chrome user-data-dir (default ~/.kbs/chrome-profile). Running it with your regular Chrome profile or reusing an active debug port grants the scripts the ability to act with your logged-in sessions; that is expected for this use case, but operationally powerful.