Suspicious: risk score 45/100
Last scan: 2 days ago
browser-automation
Browser automation and web page interaction skill
This browser automation skill contains a hardcoded billing API key and extensive anti-detection documentation, presenting moderate security concerns without confirmed malicious behavior.
Skill name: browser-automation
Analysis time: 43.3s
Engine: pi
Verdict: use with caution
Review and remove hardcoded credentials from payment.py. The anti-detection documentation raises concerns but appears designed for legitimate web scraping use cases. Consider adding explicit permission declarations for network access used by the billing system.

Security findings (4)

High: Hardcoded billing API key exposed in source code (payment.py:12)
BILLING_API_KEY = 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2' is hardcoded in payment.py:12 instead of being read from an environment variable.
Evidence: BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
→ Use os.environ.get('SKILLPAY_API_KEY') instead of hardcoding the key

Medium: Extensive anti-detection documentation (references/anti-detection-guide.md:1)
references/anti-detection-guide.md provides detailed instructions for bypassing bot detection, including proxy rotation, fingerprint browsers, and captcha solving services.
Evidence: "Advanced anti-detection strategies including proxy management, browser fingerprinting, and captcha bypass"
→ While browser automation often requires anti-detection measures, document the legitimate use cases and consider removing references to high-risk services

Medium: Undeclared network API calls for billing (payment.py:29)
payment.py makes HTTP requests to skillpay.me for balance checks and charging, but this network access is not declared in SKILL.md.
Evidence: resp = requests.get(f"{BILLING_API_URL}/api/v1/billing/balance"...
→ Declare network access for billing purposes in SKILL.md

Low: Automation detection bypass flags (scripts/auto_login.py:24)
auto_login.py and data_scraper.py launch the browser with '--disable-blink-features=AutomationControlled' to hide the webdriver flag.
Evidence: args=['--disable-blink-features=AutomationControlled']
→ This is common practice for legitimate web automation but could be used for unauthorized scraping
Resource | Declared | Inferred | Status | Evidence
File system | NONE | WRITE | ✓ consistent | Scripts read/write data files (scraped_data.json, cookies) - legitimate for data…
Network access | READ | READ+WRITE | ✓ consistent | payment.py makes POST requests to skillpay.me for billing - not declared in SKIL…
Command execution | NONE | NONE | | No subprocess/shell execution found
Browser | WRITE | WRITE | ✓ consistent | Browser automation using Playwright - properly documented
Indicators: 8 findings (2 high)
🔑 High | API key | Suspected hardcoded credential | API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" | payment.py:12
📡 High | IP address | Hardcoded IP address | 120.0.0.0 | references/anti-detection-guide.md:49
🔗 Medium | External URL | https://search.jd.com/Search?keyword=iPhone | SKILL.md:100
🔗 Medium | External URL | https://skillpay.me | payment.py:11
🔗 Medium | External URL | https://target-site.com | references/anti-detection-guide.md:177
🔗 Medium | External URL | http://2captcha.com/in.php | references/automation-patterns.md:416
🔗 Medium | External URL | http://2captcha.com/res.php?key= | references/automation-patterns.md:427
🔗 Medium | External URL | https://hooks.slack.com/... | scripts/page_monitor.py:13

Directory structure

14 files · 82.9 KB · 3051 lines
Markdown: 6 files · 1781 lines | Python: 6 files · 1230 lines | Text: 1 file · 21 lines | JSON: 1 file · 19 lines
├─ 📁 references
│ ├─ 📝 anti-detection-guide.md Markdown 297L · 6.5 KB
│ ├─ 📝 anti-detection.md Markdown 291L · 6.9 KB
│ ├─ 📝 automation-patterns.md Markdown 476L · 11.8 KB
│ ├─ 📝 browser-tools-reference.md Markdown 272L · 5.8 KB
│ └─ 📝 playwright-guide.md Markdown 259L · 4.6 KB
├─ 📁 scripts
│ ├─ 🐍 auto_login.py Python 218L · 7.1 KB
│ ├─ 🐍 data_scraper.py Python 167L · 5.2 KB
│ ├─ 🐍 form_filler.py Python 252L · 8.4 KB
│ ├─ 🐍 page_monitor.py Python 228L · 8.1 KB
│ └─ 🐍 web_scraper.py Python 223L · 7.3 KB
├─ 📋 _meta.json JSON 19L · 439 B
├─ 🐍 payment.py Python 142L · 5.2 KB
├─ 📄 requirements.txt Text 21L · 268 B
└─ 📝 SKILL.md Markdown 186L · 5.2 KB

Dependency analysis (3)

Package | Version | Source | Known vulnerabilities | Notes
playwright | >=1.40.0 | pip | | Version pinned with minimum
requests | >=2.31.0 | pip | | Used for billing HTTP calls
beautifulsoup4 | >=4.12.0 | pip | |

Security highlights

✓ Skill has clear, documented purpose (browser automation) aligned with implementation
✓ No evidence of credential harvesting from target systems
✓ No reverse shell, C2 communication, or data exfiltration detected
✓ Web scraping capabilities appear consistent with declared purpose
✓ Dependencies use reasonable versions (playwright>=1.40.0)