Agent-Reach: throwaway account, least privilege, scan before install
Before letting Agent-Reach install system dependencies and register a skill that logs into platforms with your cookies, encode the safe defaults as a preflight manifest: a throwaway account never your main, cookie-auth risk acknowledged per platform, and a mandatory scan before install.
Run this workflow
CI-verified, 2/2 fixtures passing.
Build this with your agent
One copy-paste hands Claude Code, Codex, or Cursor the full recipe, steps included, nothing to fetch.
Intended Use
Anyone wiring Agent-Reach (or any cookie-auth scraping skill) into an agent. CI validates a preflight manifest: account_mode must be throwaway (main is rejected), every cookie-auth platform must be acknowledged, and scan_before_install must be true. The actual install, cookie login, and runs are fenced.
Not for
- Using your main account, cookie auth on Twitter/Reddit and similar carries a genuine ban risk, so the manifest rejects account_mode main outright
- Skipping the scan, the tool installs system dependencies and a skill, run skillspector on it before install
The Stack
Tested Against
Panniantong/Agent-Reach (2026-06)ruby@3.x (YAML stdlib)Side effects & data flow
- Network
- none, local only
- Writes
- ./agent-reach.preflight.yaml
- Credentials
- none required
Prerequisites
- A throwaway account for any cookie-auth platform
- skillspector (to run the pre-install scan)
Steps
- 1
Author the preflight manifest and validate the guardrails
Write agent-reach.preflight.yaml: account_mode throwaway, a list of platforms each marked token or cookie auth, cookie_auth_acknowledged true if any platform uses cookies, and scan_before_install true. CI rejects a main account, an unacknowledged cookie platform, or a missing scan flag. Running the install is fenced.
cat > agent-reach.preflight.yaml <<'YAML' account_mode: throwaway scan_before_install: true cookie_auth_acknowledged: true platforms: - { name: github, auth: token } - { name: youtube, auth: token } - { name: twitter, auth: cookie } - { name: reddit, auth: cookie } YAML ruby -ryaml -e ' c = YAML.safe_load(File.read("agent-reach.preflight.yaml")) || {} abort "BAD: account_mode must be throwaway, never main" unless c["account_mode"] == "throwaway" abort "BAD: scan_before_install must be true" unless c["scan_before_install"] == true platforms = c["platforms"] || [] abort "BAD: list at least one platform" unless platforms.is_a?(Array) && !platforms.empty? cookie = platforms.select { |p| p["auth"] == "cookie" } if !cookie.empty? && c["cookie_auth_acknowledged"] != true abort "BAD: cookie platforms present, set cookie_auth_acknowledged: true" end puts "preflight OK: throwaway account, " + cookie.length.to_s + " cookie platform(s) acknowledged, pre-install scan required" ' - 2
Scan, then install on the throwaway (fenced)
Run skillspector on the Agent-Reach repo, then follow its install on a throwaway account, never your main, since cookie auth carries a ban risk. The scan and install need the tools and credentials and are fenced; CI only proves your guardrails hold.
Eval, 2 fixtures
Last passed: verified todaypreflight-okcontainstimeout 30s · max $0Expected:
preflight OK: throwaway account, 2 cookie platform(s) acknowledged, pre-install scan requiredclean-exitexit_codetimeout 30s · max $0Expected:
0
Results
Agent-Reach gives an agent eyes on the internet with no paid keys by installing upstream scrapers and using your logged-in cookies, which are full credentials and carry a real account-ban risk. It also installs system deps and registers a skill, exactly the kind of thing to scan first. This recipe makes the discipline executable: CI checks the preflight manifest uses a throwaway account, acknowledges every cookie platform, and requires a pre-install scan. It does not make Agent-Reach safe, it enforces your guardrails.
Did this work for you?
Our CI checks the setup runs. You tell us if the whole thing worked. Tell us straight.
Related workflows
Liked this workflow?
Get new verified workflows in WebAfterAI, three issues a week (Tue, Thu, Sat).