v1.0.0

ziniao-webdriver-doc

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:21 AM.

Analysis

This is a documentation-only skill for ZiNiao WebDriver, but its docs cover account credentials, remote browser-control options, cache deletion, and external driver downloads that should be handled carefully.

GuidanceThis skill is reasonable to install if you need ZiNiao WebDriver reference documentation. Before using the examples, protect ZiNiao credentials, keep the HTTP control service local by default, verify any downloaded drivers or demo code, and be cautious with cache-cleanup or process-kill commands.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusNote

reference/startup-params.md

`--listen_ip=IP` | V5 only | 设置监听地址，默认 127.0.0.1。非本机时允许远程控制

The docs disclose an option to expose the WebDriver HTTP control service beyond localhost; it is optional, but it widens the control boundary.

User impactIf the control port is exposed to a network without protection, other systems may be able to reach browser-control endpoints.

RecommendationKeep the listener bound to 127.0.0.1 unless remote access is truly required; use firewalling, VPN, or an authenticated proxy for any remote setup.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

reference/api-auxiliary.md

`browserOauths` 为空则删除所有本地缓存。

The ClearCache API includes a bulk deletion mode for all local cache; it is documented as an auxiliary management function, but it can have broad local impact.

User impactAn accidental call with an empty store list could delete local cached browser data for all managed stores.

RecommendationRequire explicit store IDs for cache cleanup workflows and confirm broad cache deletion before running it.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

reference/framework-examples.md

zip_resp = requests.get(download_url) ... os.chmod(cached, 0o755)

The example driver-management pseudocode downloads a ChromeDriver archive from an external URL and makes the extracted binary executable; this is expected for WebDriver setup, but it is still a supply-chain touchpoint.

User impactUsing downloaded browser drivers without verification could introduce an untrusted executable into the automation environment.

RecommendationDownload drivers only from trusted official sources, prefer pinned versions, and verify checksums or signatures where available.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

SKILL.md

所有标记"需凭据"的接口（`updateCore`、`getBrowserList`、`startBrowser`、`stopBrowser`、`ClearOnline`）每次调用都必须携带 company/username/password

The documentation expects full ZiNiao account credentials for multiple account and browser-management API calls; this is purpose-aligned, but it is sensitive authority.

User impactIf these docs are used to build automation, mishandled passwords could expose the ZiNiao account and store browser sessions.

RecommendationUse a dedicated least-privileged automation account, keep passwords out of chat logs and source code, and store credentials in a proper secrets manager.