Skill v1.0.0
ClawScan security
Scrapling Web Extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 8:20 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and inputs are coherent with a webpage-to-Markdown scraper — it doesn't ask for unrelated credentials or system-wide privileges and its behavior matches the description.
- Guidance: This skill appears internally consistent, but check the following before installing:
  1. The script dynamically imports and relies on the external 'scrapling' package and Playwright; audit or trust those packages before installing them.
  2. Stealth mode and proxies are legitimately used to reach anti-bot protected pages, but you must not use the tool to bypass login walls, CAPTCHAs, paywalls, or access-restricted content (the SKILL.md states this).
  3. Playwright installation downloads a Chromium binary; ensure you accept that download.
  4. Proxy credentials passed at runtime will be used to route requests; keep them secure and avoid supplying credentials you don't trust.
  5. The tool writes Markdown files and an automatch DB to the output directory; review and manage those local files as needed.
Review Dimensions
- Purpose & Capability (ok): Name, description, README, SKILL.md and the included Python script all align: they implement fetching public web pages (static or JS), extracting main content and converting HTML to Markdown. Features like stealth, proxies, Playwright, and automatch are legitimate for robust scraping and are consistent with the stated purpose.
- Instruction Scope (note): SKILL.md and the script limit network calls to user-supplied URLs and an optional proxy. The skill provides flags to enable stealth, proxying, and Playwright rendering; these are powerful but described and constrained (rules state not to bypass logins/paywalls). The code dynamically imports the 'scrapling' package at runtime, so actual fetching behavior depends on that external dependency.
- Install Mechanism (ok): No install spec is included (instruction-only); the README suggests installing third-party Python packages (scrapling, html2text, Playwright). That is a normal, low-risk pattern for an instruction-only Python skill, but it does mean the fetched packages and Playwright binaries will be installed separately by the user.
- Credentials (ok): The skill declares no required environment variables or credentials. Proxy credentials can be supplied as runtime flags (appropriate for a scraper). The script's security manifest claims it reads only user-provided URL/file inputs and writes only to the chosen output directory and the Scrapling-managed local DB—no unexpected secrets are requested.
- Persistence & Privilege (note): 'always' is false and the skill is user-invocable. It writes local output files and (per its manifest) a Scrapling automatch SQLite DB; this is reasonable for its functionality but does create persistent local artifacts that a user should be aware of.
