crawl4ai

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Installation of third-party script detected

Based on the provided skill documentation, Crawl4AI’s stated capabilities (crawling, schema-based extraction, optional LLM extraction, login automation, proxy use, and JS execution) are coherent and proportionate for a web-crawling tool. There is no evidence in the provided text of obfuscation, hidden exfiltration, hardcoded credentials, or calls to suspicious third-party domains. However, the skill exposes high-risk features that are normal for crawlers — arbitrary JS execution in pages, storage of api_token and proxy credentials in config files, and support for routing traffic via proxies — which increase the potential for credential leakage or misuse if configs are mishandled or if the implementation routes data to attacker-controlled endpoints. Without the actual implementation, I cannot fully rule out malicious redirection of data.

Recommendation: review the runtime implementation for where network endpoints point (ensure official LLM endpoints are used), ensure configs do not store secrets in plaintext or are protected, and limit execution of untrusted js_code.

Overall verdict: functionality appears legitimate but operational risks warrant careful review of implementation and runtime network flows.

LLM verification: No clear malicious code or intentional backdoor is visible in the provided documentation. The skill's capabilities are consistent with its stated purpose (web crawling, JS rendering, schema and LLM extraction). However, there are moderate supply-chain and operational risks: unpinned pip install (version pinning recommended), ability to execute arbitrary JavaScript in page context (can be misused to harvest cookies/localStorage), examples that encourage embedding credentials in configs, and LLM e

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At
Feb 16, 2026, 01:02 PM
Package URL
pkg:socket/skills-sh/smallnest%2Fgoclaw%2Fcrawl4ai%2F@9fc7feceb28591438f0b3392bacf1febc9fdfa8a