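Total downloads: 824
Favorites: 6
Current installs: 9
Versions: 1
Install in OpenClaw
/install web-scout
Description
Gives an AI Agent web-wide data collection capability in one step. Built on Agent Reach, it supports Twitter/X, Reddit, YouTube, Bilibili, Xiaohongshu, Douyin, GitHub, LinkedIn, Boss Zhipin, RSS, web-wide search and other platforms. One command to install, zero API fees.
Security usage recommendations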
This skill is suspicious because its runtime steps require many tools and sensitive credentials that are not declared in the metadata. Before installing:
1) Inspect the GitHub repo (prefer a pinned release/tag, not main.zip) and review the code you will pip-install.
2) Run any install inside an isolated environment (VM or container) and use a Python venv; avoid installing directly on a production host.
3) Use --dry-run or --safe modes first to see what would be installed.
4) Never paste your primary account cookies/API keys into an agent; use throwaway/test accounts if you must provide cookies, and verify where and how they are stored (~/.agent-reach/config.yaml).
5) Verify any Docker images (e.g., xpzouying/xiaohongshu-mcp) on Docker Hub and prefer self-hosted audited alternatives.
6) Require the publisher to update the skill metadata to list required binaries and secrets; if they cannot justify the missing declarations, avoid installing.
If you want, I can produce a short checklist of specific files/commands to audit in the referenced repo before you proceed.
Functional analysis
Type: OpenClaw Skill
Name: web-scout
Version: 1.0.0
This skill bundle is classified as suspicious due to its explicit requirement for the `exec` tool, which enables arbitrary shell command execution, creating a significant attack surface for prompt injection. Key indicators include instructions to run `docker run` with an external image (`xpzouying/xiaohongshu-mcp`) and examples of `python3 -c` execution, both found in `SKILL.md`. While these capabilities are presented for the stated purpose of web scouting, they introduce high-risk vulnerabilities and supply chain risks, allowing for potential arbitrary code execution and host compromise if the agent is prompted maliciously or if external dependencies are compromised. There is no clear evidence of intentional malicious behavior by the skill itself, but rather a collection of powerful, risky capabilities.
Capability assessment
Purpose & Capability
The described purpose (web data collection) legitimately requires platform credentials, CLI tools, and possibly Docker/MCP services. However, the registry metadata lists no required binaries, no environment variables, and no config paths even though the instructions clearly depend on many external tools (pip, gh CLI, yt-dlp, docker, mcporter/mcporter-related services, Docker images) and credentials (browser cookies, login sessions). This mismatch is incoherent — either the metadata is incomplete or the skill is hiding required capabilities.
Instruction Scope
SKILL.md directs the user/agent to: pip install a GitHub main.zip (arbitrary code), run agent-reach install which auto-installs many dependencies, launch Docker containers, configure proxies, and import/export browser cookies (with the explicit instruction to '发给 Agent' — send cookie header string to the agent). It also instructs storing cookies in ~/.agent-reach/config.yaml. These instructions go beyond a simple helper: they require installation of third-party software, user secrets, and starting services on the host.
Install Mechanism
Install is done via pip install of a GitHub archive (https://github.com/.../archive/main.zip). Installing from an unpinned main branch zip can execute arbitrary and changing code and is higher risk than using a pinned release or vetted package. There is no install.spec in the registry (instruction-only), so installing this skill requires running network downloads and package installs outside the registry's control.
Credentials
Although the skill metadata declares no required credentials, the runtime instructions require sensitive secrets: exported browser cookie strings for Twitter/X and Xiaohongshu, logins for GitHub/LinkedIn, proxy credentials, and potentially Docker image network access. The skill claims cookies are stored locally with file perms 600, but asking users to export and send cookie header strings to an agent expands the attack surface and is not justified by the metadata.
Persistence & Privilege
The skill does not request 'always: true' and does not claim elevated platform privileges. It suggests using agent-reach watch for health checks and has commands to run and uninstall. Autonomous invocation remains possible (platform default) but is not uniquely elevated by this skill. Still, an installed agent-reach tool that can run periodic tasks and hold cookies increases long-term exposure if installed without isolation.
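How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install web-scout`
- Once installation completes, call the Skill by name or use `/web-scout` to trigger it
- Provide the required input according to the Skill's parameter description to get structured output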
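Version history
v1.0.0
- Initial release, a wrapper around Agent Reach that lets an AI Agent integrate web-wide data collection in one step
- Supports mainstream platforms including Twitter/X, Reddit, YouTube, Bilibili, Xiaohongshu, Douyin, GitHub, LinkedIn, Boss Zhipin, RSS and web-wide search
- Provides a simple install and configuration flow, with automatic dependency installation, platform cookie configuration and proxy settings
- Extensive command cheat sheet covering multi-platform collection, search and content extraction
- Emphasizes security: cookies stored locally, optional safe/preview modes, fully open source and auditable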
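FAQ
What is Web Scout?
Gives an AI Agent web-wide data collection capability in one step. Built on Agent Reach, it supports Twitter/X, Reddit, YouTube, Bilibili, Xiaohongshu, Douyin, GitHub, LinkedIn, Boss Zhipin, RSS, web-wide search and other platforms. One command to install, zero API fees. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 824 cumulative downloads to date.
How do I install Web Scout?
Run the command "/install web-scout" in the OpenClaw or Claude Code chat box to install it in one step, with no extra configuration.
Is Web Scout free?
Yes, Web Scout is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does Web Scout support?
Web Scout is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Web Scout?
Developed and maintained by 子豪 (@aizain); the current version is v1.0.0.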