ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Steel Browser

v1.0.0

Control cloud browser sessions via Steel.dev for web automation and computer-use agents. Use when you need to browse the web, fill forms, click elements, tak...

0· 422·0 current·0 all-time
by@eyhn
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill's description (Steel.dev browser control) matches the scripts’ behavior (starting/releasing sessions, navigation, clicks, screenshots, JS eval, content extraction). However the registry metadata declares no required environment variables or primary credential while the scripts and SKILL.md clearly require STEEL_API_KEY (and optionally STEEL_SESSION_ID). That mismatch is an incoherence that should be resolved — the API key is essential for the stated purpose and must be declared.
Instruction Scope
Runtime instructions and scripts legitimately perform browser automation actions (navigate, click, type, screenshot, evaluate JS, extract page content). They read/write a state file at ~/.steel_state and require STEEL_API_KEY. The ability to run arbitrary JS (eval_js.sh / page.evaluate) and to extract full page content or screenshots means the skill can capture any data visible in the browser (including PII, credentials, tokens) — this is expected for a browser-control skill but is a sensitive capability the user should be aware of.
Install Mechanism
There is no automated install spec (instruction-only install), which is low-risk for arbitrary downloads. SKILL.md recommends pip install steel-sdk and playwright but the skill does not perform automatic installation. No remote download URLs or extract operations are present in the package itself.
!
Credentials
The skill requires a Steel API key at runtime (STEEL_API_KEY) and optionally a session ID; yet the registry declares no required env vars or primary credential. Declaring no credentials in metadata is misleading. The skill also suggests persisting the API key into OpenClaw config (openclaw config set env.STEEL_API_KEY), which will store a secret in the agent configuration — users should verify how their platform stores/protects that secret. No unrelated credentials are requested, but the omission in metadata is a notable inconsistency.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It writes a per-user state file (~/.steel_state) to persist session_id, which is reasonable for session reuse. Autonomous invocation is allowed (disable-model-invocation is false) — normal for skills — but combined with a stored API key it raises the usual caution about an agent being able to run web actions without explicit user prompts.
What to consider before installing
This package appears to implement a Steel.dev browser automation skill and the scripts perform the expected operations, but the registry metadata failing to declare STEEL_API_KEY is an inconsistency you should address before installing. Actionable checks and precautions: 1) Confirm you trust the source and Steel.dev (no homepage is listed here). 2) Expect to provide STEEL_API_KEY in your environment or OpenClaw config — understand how and where that secret will be stored and who can access it, and consider using a scoped/rotatable key. 3) Review the scripts locally (they are included) — they write ~/.steel_state and allow arbitrary JavaScript execution and full-page content extraction, which can capture sensitive data from pages the agent visits. 4) Limit agent autonomy if you don’t want the agent to run browser actions unattended (restrict invocation or require manual confirmation). 5) Install required Python packages (steel-sdk, playwright) in an isolated environment and verify network calls (the code connects to wss://connect.steel.dev?apiKey=...&sessionId=...) align with Steel’s documented endpoints. If you need this capability and trust Steel.dev, the skill is functionally coherent; if you cannot verify the API key handling or trust the publisher, do not install.

Like a lobster shell, security has layers — review code before you run it.

latestvk970jyzfhekcf5g6w99txmqhvx823sfm
422downloads
0stars
1versions
Updated 8h ago
v1.0.0
MIT-0
@eyhn
latest
Download

Steel Browser Skill

Cloud browser-use via Steel.dev + Playwright Python SDK. Ideal for web automation, scraping, form filling, and AI agent browser loops.

Prerequisites

pip install steel-sdk playwright
export STEEL_API_KEY=your_key_here

Get your API key at https://app.steel.dev → Settings → API Keys (free: 100 browser hours).

Steel API key should be set in OpenClaw config or environment:

openclaw config set env.STEEL_API_KEY "your_key"

State Management

  • start_session.sh saves session ID to ~/.steel_state
  • All scripts auto-load it from there
  • Override anytime with export STEEL_SESSION_ID=<id>
  • Sessions persist until release_session.sh or timeout

Scripts

ScriptUsageDescription
start_session.sh[--proxy] [--captcha] [--timeout MS]Create session; prints SESSION_ID + VIEWER_URL
release_session.sh[SESSION_ID]Release session
list_sessions.sh(none)List active sessions
navigate.shURL [--wait-until networkidle]Go to URL
screenshot.sh[OUTPUT.png] [--full-page]Take screenshot
click.shSELECTORClick by CSS/text/aria selector
click_coords.shX Y [--right] [--double]Click at pixel coords (fallback)
type.shSELECTOR "text"Fill input field
press_key.shKEYPress key (e.g. Enter, Control+a)
scroll.shAMOUNT|--to-bottom|--to-top|SELECTORScroll page
hover.shSELECTORHover over element
select.shSELECTOR VALUESelect dropdown option
get_content.sh[--html] [SELECTOR]Extract page text or HTML
eval_js.sh"js expression"Execute JavaScript, print result
wait_for.shSELECTOR [TIMEOUT_MS]Wait for element to appear
get_url.sh(none)Print current URL and page title

Selector Examples

Steel uses Playwright selectors — much more powerful than pixel coords:

# By CSS
click.sh "#submit-button"
click.sh ".nav-link:first-child"

# By text content
click.sh "text=Sign in"
click.sh "button:has-text('Continue')"

# By aria label
click.sh "[aria-label='Search']"
click.sh "[placeholder='Email address']"

# XPath
click.sh "xpath=//button[@type='submit']"

Browser-Use Agent Loop Pattern

SCRIPTS="skills/steel-browser/scripts"

# 1. Start session (add --proxy --captcha for tough sites)
source <($SCRIPTS/start_session.sh)
echo "Session: $SESSION_ID"
echo "Watch at: $VIEWER_URL"

# 2. Navigate
$SCRIPTS/navigate.sh "https://example.com"

# 3. Agent loop
while true; do
  $SCRIPTS/screenshot.sh /tmp/screen.png
  
  # Get page text for LLM context
  CONTENT=$($SCRIPTS/get_content.sh)
  
  # LLM decides action...
  ACTION=$(echo "$CONTENT" | llm_decide /tmp/screen.png)
  
  case "$ACTION_TYPE" in
    click)    $SCRIPTS/click.sh "$SELECTOR" ;;
    type)     $SCRIPTS/type.sh "$SELECTOR" "$TEXT" ;;
    navigate) $SCRIPTS/navigate.sh "$URL" ;;
    done)     break ;;
  esac
done

# 4. Release
$SCRIPTS/release_session.sh

vs E2B Desktop

FeatureSteel BrowserE2B Desktop
SelectorsPlaywright CSS/text/aria ✅Pixel coords only
Proxy support✅ Residential proxies
CAPTCHA solving✅ Built-in
Non-browser tasks✅ Desktop apps, terminal
Session viewer✅ Live URL✅ VNC stream

Use Steel for web automation. Use E2B Desktop for desktop apps / full OS control.

Comments

Loading comments...