v2.0.0

Process-Diagram-Pro

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:40 AM.

Analysis

The core diagram-generation code appears purpose-aligned, but the skill also introduces broad browser automation that is not well scoped to making diagrams.

Guidance: The diagram-generation code itself appears aligned with the advertised purpose, but review the agent-browser section carefully. Install only the drawing dependencies needed for your task, and do not let the agent use browser click/fill actions on sensitive or logged-in sites without explicit approval.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
This skill supports using the `agent-browser` CLI for web content scraping and research... agent-browser click @e1 ... agent-browser fill @e1 "text" ... agent-browser screenshot ... agent-browser get text body

The skill's stated purpose is diagram generation, but this section gives broad browser automation commands for scraping and interacting with arbitrary webpages, with no requirement for user approval and no read-only limits.

User impact: If followed, an agent could operate a browser beyond making diagrams, including clicking page elements or filling forms.
Recommendation: Use the browser CLI only when explicitly needed, avoid logged-in or sensitive pages unless you approve each action, and prefer removing or tightly scoping this section to read-only documentation lookup.
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
SKILL.md
pip install matplotlib pillow numpy
...
npm install -g agent-browser
agent-browser install --with-deps

The setup instructions install unpinned Python packages and a global npm browser automation package; this is disclosed and user-directed, but it adds supply-chain exposure, especially because the registry metadata lists no install spec.

User impact: Installing these dependencies may run third-party package code and add browser automation components to the local environment.
Recommendation: Review package sources before installing, use trusted package indexes, pin versions where possible, and skip the agent-browser install unless that capability is actually required.