← Back to Skills Marketplace
Pangolinfo Scrape (Legacy)
by
Pangolinfo & AgentGo
· GitHub ↗
· v1.0.1
· MIT-0
368
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install pangolinfo-scrape-legacy
Description
Search Google and scrape Amazon using Pangolin APIs. Supports AI Mode search (Google AI Overview with multi-turn dialogue), standard SERP with AI Overview ex...
Usage Guidance
This package appears to implement the advertised Pangolin scraping functionality and the included Python client is readable and zero-dependency. However: (1) the registry metadata incorrectly lists no required environment variables — the script needs PANGOLIN_TOKEN or PANGOLIN_EMAIL + PANGOLIN_PASSWORD. Treat that mismatch as a red flag and ask the publisher/registry to correct it. (2) The script will send your email/password to https://scrapeapi.pangolinfo.com/auth to obtain a bearer token and will save the token at ~/.pangolin_token (file permissions set to 600). Prefer providing an existing PANGOLIN_TOKEN rather than your account password. (3) The source/homepage is unknown; verify the publisher and the legitimacy of scrapeapi.pangolinfo.com before supplying credentials. (4) If you decide to install/use it, run it in a restricted environment (or inspect/run the script manually) and consider creating a dedicated Pangolin account or short‑lived token so you don't expose your primary credentials.
Capability Analysis
Type: OpenClaw Skill
Name: pangolinfo-scrape-legacy
Version: 1.0.1
The skill bundle provides a legitimate Python client and documentation for interacting with Pangolin's Google SERP and Amazon scraping APIs. The core script, `scripts/pangolinfo.py`, uses only Python standard libraries to perform authenticated requests to the official API endpoint (scrapeapi.pangolinfo.com). It handles sensitive credentials (PANGOLIN_EMAIL/PASSWORD) and tokens appropriately, including secure local caching in `~/.pangolin_token` with restricted file permissions (0o600). No evidence of data exfiltration, unauthorized execution, or malicious prompt injection was found.
Capability Assessment
Purpose & Capability
The name/description promise Google SERP and Amazon scraping via Pangolin APIs, and the included Python client calls scrapeapi.pangolinfo.com endpoints to do exactly that — capability aligns with purpose. However, registry metadata claims no required environment variables or primary credential, while SKILL.md and the script clearly require PANGOLIN_TOKEN or PANGOLIN_EMAIL+PANGOLIN_PASSWORD. That metadata omission is an incoherence and should be corrected/clarified.
Instruction Scope
SKILL.md and the script give explicit CLI usage and only instruct network calls to the Pangolin API endpoints, token caching, and JSON parsing. Instructions do not request unrelated system files or other credentials. The script writes a token cache (~/.pangolin_token) and uses environment variables; these actions are documented in SKILL.md and references.
Install Mechanism
No install spec (instruction-only with included Python script). No external downloads or package installs are performed. The script is zero-dependency (uses Python stdlib) so there is no hidden installer risk.
Credentials
Requiring PANGOLIN_TOKEN or PANGOLIN_EMAIL+PANGOLIN_PASSWORD is proportionate to authenticating against the external Pangolin API. The concern is that the registry metadata lists no required env vars (contradiction) and the skill will cache a bearer token in the user's home (~/.pangolin_token). If you provide email+password, those credentials are sent to the external auth endpoint; ensure you trust the service and prefer using a token over storing passwords in environment variables when possible.
Persistence & Privilege
The skill does not request 'always: true' or other elevated platform privileges. It caches a token to a file it owns (~/.pangolin_token) which is typical for CLI clients; it does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install pangolinfo-scrape-legacy - After installation, invoke the skill by name or use
/pangolinfo-scrape-legacy - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Docs update: added canonical links to the new skills.
- AI SERP: https://clawhub.ai/pangolinfo/pangolinfo-ai-serp
- Amazon Scraper: https://clawhub.ai/pangolinfo/pangolinfo-amazon-scraper
No functional changes.
v0.1.0
Initial public release of the Pangolinfo Search & Amazon Scraper skill.
- Google AI Mode answers (AI-mode)
- Google SERP + AI Overview (Serp)
- Amazon product & keyword scraping (Amazon)
Metadata
Frequently Asked Questions
What is Pangolinfo Scrape (Legacy)?
Search Google and scrape Amazon using Pangolin APIs. Supports AI Mode search (Google AI Overview with multi-turn dialogue), standard SERP with AI Overview ex... It is an AI Agent Skill for Claude Code / OpenClaw, with 368 downloads so far.
How do I install Pangolinfo Scrape (Legacy)?
Run "/install pangolinfo-scrape-legacy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Pangolinfo Scrape (Legacy) free?
Yes, Pangolinfo Scrape (Legacy) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Pangolinfo Scrape (Legacy) support?
Pangolinfo Scrape (Legacy) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Pangolinfo Scrape (Legacy)?
It is built and maintained by Pangolinfo & AgentGo (@tammy-hash); the current version is v1.0.1.
More Skills