browser-automation Security Report — Suspicious | ClawSafe

45 /100

browser-automation

浏览器自动化操作与网页交互技能

This browser automation skill contains a hardcoded billing API key and extensive anti-detection documentation, presenting moderate security concerns without confirmed malicious behavior.

Skill Namebrowser-automation

Duration43.3s

Enginepi

⚠

Use with caution

Review and remove hardcoded credentials from payment.py. The anti-detection documentation raises concerns but appears designed for legitimate web scraping use cases. Consider adding explicit permission declarations for network access used by the billing system.

Findings 4 items

Severity	Finding	Location
High	Hardcoded billing API key exposed in source code BILLING_API_KEY = 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2' is hardcoded in payment.py:12 instead of using environment variables `BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"` → Use os.environ.get('SKILLPAY_API_KEY') instead of hardcoding the key	`payment.py:12`
Medium	Extensive anti-detection documentation references/anti-detection-guide.md provides detailed instructions for bypassing bot detection, including proxy rotation, fingerprint browsers, and captcha solving services `Advanced anti-detection strategies including proxy management, browser fingerprinting, and captcha bypass` → While browser automation often requires anti-detection measures, document the legitimate use cases and consider removing references to high-risk services	`references/anti-detection-guide.md:1`
Medium	Undeclared network API calls for billing payment.py makes HTTP requests to skillpay.me for balance checks and charging, but this is not declared in SKILL.md `resp = requests.get(f"{BILLING_API_URL}/api/v1/billing/balance"...` → Declare network access for billing purposes in SKILL.md	`payment.py:29`
Low	Automation detection bypass flags auto_login.py and data_scraper.py use '--disable-blink-features=AutomationControlled' to hide webdriver flags `args=['--disable-blink-features=AutomationControlled']` → This is common practice for legitimate web automation but could be used for unauthorized scraping	`scripts/auto_login.py:24`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`WRITE`	✓ Aligned	Scripts read/write data files (scraped_data.json, cookies) - legitimate for data…
Network	`READ`	`READ+WRITE`	✓ Aligned	payment.py makes POST requests to skillpay.me for billing - not declared in SKIL…
Shell	`NONE`	`NONE`	—	No subprocess/shell execution found
Browser	`WRITE`	`WRITE`	✓ Aligned	Browser automation using Playwright - properly documented

2 High 8 findings

🔑

High API Key 疑似硬编码凭证

API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

📡

High IP Address 硬编码 IP 地址

120.0.0.0

references/anti-detection-guide.md:49

🔗

Medium External URL 外部 URL

https://search.jd.com/Search?keyword=iPhone

SKILL.md:100

🔗

Medium External URL 外部 URL

https://skillpay.me

payment.py:11

🔗

Medium External URL 外部 URL

https://target-site.com

references/anti-detection-guide.md:177

🔗

Medium External URL 外部 URL

http://2captcha.com/in.php

references/automation-patterns.md:416

🔗

Medium External URL 外部 URL

http://2captcha.com/res.php?key=

references/automation-patterns.md:427

🔗

Medium External URL 外部 URL

https://hooks.slack.com/...

scripts/page_monitor.py:13

File Tree

14 files · 82.9 KB · 3051 lines

Markdown 6f · 1781L Python 6f · 1230L Text 1f · 21L JSON 1f · 19L

├─ ▾ 📁 references

│ ├─ 📝 anti-detection-guide.md Markdown 297L · 6.5 KB

│ ├─ 📝 anti-detection.md Markdown 291L · 6.9 KB

│ ├─ 📝 automation-patterns.md Markdown 476L · 11.8 KB

│ ├─ 📝 browser-tools-reference.md Markdown 272L · 5.8 KB

│ └─ 📝 playwright-guide.md Markdown 259L · 4.6 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 auto_login.py Python 218L · 7.1 KB

│ ├─ 🐍 data_scraper.py Python 167L · 5.2 KB

│ ├─ 🐍 form_filler.py Python 252L · 8.4 KB

│ ├─ 🐍 page_monitor.py Python 228L · 8.1 KB

│ └─ 🐍 web_scraper.py Python 223L · 7.3 KB

├─ 📋 _meta.json JSON 19L · 439 B

├─ 🐍 payment.py Python 142L · 5.2 KB

├─ 📄 requirements.txt Text 21L · 268 B

└─ 📝 SKILL.md Markdown 186L · 5.2 KB

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`playwright`	`>=1.40.0`	pip	No	Version pinned with minimum
`requests`	`>=2.31.0`	pip	No	Used for billing HTTP calls
`beautifulsoup4`	`>=4.12.0`	pip	No

Security Positives

✓ Skill has clear, documented purpose (browser automation) aligned with implementation

✓ No evidence of credential harvesting from target systems

✓ No reverse shell, C2 communication, or data exfiltration detected

✓ Web scraping capabilities appear consistent with declared purpose

✓ Dependencies use reasonable versions (playwright>=1.40.0)

Scan Report

Findings 4 items

File Tree

Dependencies 3 items

Security Positives