Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

chrome-relay-browser

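Control the browser through a Chrome Extension relay. Used to control tabs the user has already opened and attached in Chrome, without launching a new browser, so the user can watch the actions directly. Trigger conditions: (1) the user asks me to operate the browser (2) a page the user already has open needs to be reused (3) operations such as screenshots, form filling, or clicking are needed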

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 32 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the implementation: the skill controls an attached Chrome tab via a local relay (PORT + TOKEN). Required env vars and the secrets file correspond to the described Gateway token/port and are appropriate for this purpose.
Instruction Scope
SKILL.md confines actions to installing/configuring a Chrome extension, reading ~/.openclaw/secrets/browser-relay.env, and running scripts/ctl.js to interact with the local relay. The runtime script only communicates with localhost (127.0.0.1) and the attached browser; it does allow executing arbitrary JS in the page (by design) but does not attempt to read unrelated files or send data to external hosts.
Install Mechanism
No install spec (instruction-only plus a node script). This is low risk, but the script depends on Node and the npm 'ws' package (require('ws')); SKILL.md does not tell the user to install either. Recommend explicitly installing dependencies (npm install) before running.
Credentials
Only RELAY_TOKEN and RELAY_PORT (and the declared secrets file) are required; these are exactly the credentials needed to authenticate to the local relay gateway. No unrelated credentials or broad filesystem access are requested.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent/always-on privileges or modify other skills or system-wide settings. Agent autonomous invocation is allowed (platform default) but not an additional privilege here.
Assessment
This skill appears to do what it claims: control an already-attached Chrome tab via a local relay using a gateway token and port stored in ~/.openclaw/secrets/browser-relay.env. Before installing/using:

  1. Verify the Chrome extension you load is from a trusted source and inspect its code/config if possible; the extension is the component that exposes the relay and could be misconfigured.
  2. Treat RELAY_TOKEN as a secret; anyone with it and network access to the relay port could control your browser.
  3. Ensure Node and the 'ws' package are installed (npm install ws) or the script will fail.
  4. Be aware the skill intentionally supports 'evaluate', which runs arbitrary JS in pages you have open. Only run it when you trust the operator/agent actions.
  5. If you need stronger assurance, review the extension and scripts line-by-line or run them in a controlled environment first.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

  • scripts/ctl.js:10: Environment variable access combined with network send.
  • scripts/ctl.js:15: File read combined with network send (possible exfiltration).


Current version: v1.0.0
latestvk976pk6wprsft759a6zdrvpr1583bs04


Runtime requirements

🌐 Clawdis
Env: RELAY_TOKEN, RELAY_PORT
Config: ~/.openclaw/secrets/browser-relay.env

SKILL.md

chrome-relay-browser

Control attached browser tabs through a Chrome Extension relay.

Prerequisites

  1. Configure openclaw.json (make sure the browser section is configured):

    "browser": {
      "enabled": true,
      "defaultProfile": "chrome-relay",
      "attachOnly": true
    }
    
  2. Install the Chrome extension

    openclaw browser extension install
    openclaw browser extension path  # get the install path


    Then load it in Chrome: open chrome://extensions, enable Developer mode, and load the path above

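  3. Configure the extension (needed once after installation):

    • Click the extension icon → Settings
    • Relay port: read RELAY_PORT from ~/.openclaw/secrets/browser-relay.env
    • Gateway token: read RELAY_TOKEN from ~/.openclaw/secrets/browser-relay.env
  4. Attach a tab

    • Open any page in Chrome
    • Click the extension icon to attach

Usage

Run scripts/ctl.js to control the browser: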

cd /home/zavi/.openclaw/workspace/skills/chrome-relay-browser/scripts
node ctl.js <command> [args]

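Available commands

| Command | Description | Example |
| --- | --- | --- |
| navigate <url> | Open a URL | node ctl.js navigate https://baidu.com |
| screenshot [path] | Take a screenshot | node ctl.js screenshot /tmp/abc.png |
| title | Get the page title | node ctl.js title |
| url | Get the current URL | node ctl.js url |
| evaluate <js> | Execute JS | node ctl.js evaluate "document.title" |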

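Configuration

The token and port are stored in ~/.openclaw/secrets/browser-relay.env, and the script reads them automatically:

  • RELAY_TOKEN - Gateway token
  • RELAY_PORT - Relay port number

Troubleshooting

  • Unauthorized: check that the Gateway token in the extension settings matches RELAY_TOKEN in the secrets file
  • No tabs: remind the user to attach a tab in Chrome first
  • Connection refused: restart the Gateway or check the RELAY_PORT configuration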

Files

2 total