问专家技能安全扫描报告 — 可疑 | ClawSafe

55 /100

问专家技能

使用 Playwriter 连接用户已登录的 Chrome 浏览器，通过 Gemini 等 AI 助手获取专业建议

Skill documentation explicitly mentions bypassing robot detection and operating on authenticated browser sessions, suggesting potential for unauthorized automation and terms-of-service violations.

技能名称问专家技能

分析耗时33.4s

引擎pi

⚠

谨慎使用

This skill should be reviewed with caution. The declared use cases include bypassing anti-bot mechanisms, which could facilitate unauthorized scraping or automation. Request actual implementation code and verify the tool only performs legitimate browser interactions.

安全发现 4 项

严重性	安全发现	位置
中危	Skill name misleads about actual functionality 文档欺骗 Skill is named '问专家技能' (Ask Expert Skill) but actually automates browser control through Playwriter. The actual behavior (browser automation) is not apparent from the name. `# 问专家技能 - 使用 Playwriter 控制已登录的浏览器` → Rename skill to accurately reflect browser automation functionality	`SKILL.md:1`
高危	Bypass robot detection declared as legitimate use case 代码执行 The skill explicitly lists 'bypass robot detection scenarios' as an applicable use case. This suggests the tool is designed to circumvent anti-bot measures, which could violate terms of service of various platforms. `- 需要绕过机器人检测的场景` → Remove bypass robot detection use cases. This functionality could facilitate unauthorized automated access to services.	`SKILL.md:58`
中危	Authenticated session manipulation without explicit consent 敏感访问 The skill operates on a user's already-logged-in Chrome browser. This means it can potentially access any authenticated sessions (email, banking, social media) without explicit per-action user consent. `使用 Playwriter 连接用户已登录的 Chrome 浏览器` → Implement explicit user consent workflow before each authenticated action.	`SKILL.md:1`
低危	No implementation files to audit 供应链 Only SKILL.md documentation exists. Actual execution code cannot be reviewed for hidden behavior. `No scripts/ directory found` → Request full implementation code before production deployment.	`SKILL.md:1`

资源类型	声明权限	推断权限	状态	证据
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md - uses bash, python3 subprocess
浏览器	`READ`	`READ`	✓ 一致	SKILL.md - controls Chrome via Playwriter
文件系统	`WRITE`	`WRITE`	✓ 一致	SKILL.md - screenshot saving

目录结构

1 文件 · 2.3 KB · 88 行

Markdown 1f · 88L

└─ 📝 SKILL.md Markdown 88L · 2.3 KB

安全亮点

✓ Uses documented Playwriter tool (open source browser automation framework)

✓ No base64-encoded strings or obfuscated code observed

✓ No credential harvesting or environment variable access detected

✓ No network requests to external IPs documented