Manus Agent
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill coherently describes Manus-style automation and contains no hidden code, installer, or credential collection, though users should supervise browser, login, and code-execution workflows.
This looks safe as an instruction-only Manus guidance skill. Before using it for real automation, supervise browser actions, keep code execution sandboxed, and never approve logins, payments, or form submissions unless you understand the action.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with browser tools, the agent may click buttons, fill forms, or collect web data on the user's behalf.
The skill describes browser automation that can interact with websites and forms; this is disclosed and purpose-aligned, but users should still supervise state-changing actions.
- 自动浏览网页、填写表单、点击按钮 - 抓取和解析网页数据
Provide exact URLs and instructions, review intermediate steps, and require confirmation before submitting forms or changing website state.
Generated code or installed dependencies could affect files or data if run in an overly broad environment.
The skill describes generated code execution and dependency installation. That is expected for its coding/data-analysis purpose, and the artifact shows no automatic execution on install.
- 在安全沙盒中运行代码 - 自动安装依赖包
Run generated code only in a constrained sandbox or project workspace, and review requested dependencies before allowing installation.
When used on logged-in sites, the agent could act with the user's account permissions.
The skill acknowledges possible logged-in website actions, but it explicitly requires user authorization and human confirmation for sensitive operations.
- 登录网站执行操作(需用户授权) - 敏感操作(登录、支付)需要人工确认
Only authorize logins for trusted sites, avoid unnecessary sensitive accounts, and approve each payment or other irreversible action manually.