Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Camoufox Deploy
v1.0.0One-click deployment of camoufox anti-detection browser with modified agent-browser. Patches agent-browser to auto-detect camoufox/firefox from executable pa...
⭐ 0· 332·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (deploy camoufox and patch agent-browser) match the included SKILL.md and install.sh: the script installs camoufox, installs/locates agent-browser, edits its browser detection logic, rebuilds, and replaces the global package. These steps are proportionate to the stated purpose, but they require modifying a third‑party global npm package and compiling native code — actions that have system-wide impact and go beyond a low-risk 'helper' script.
Instruction Scope
The SKILL.md and install.sh instruct the agent/user to run commands that touch system-wide locations: installing uv, pip packages system-wide, running npm -g, cloning GitHub repos, invoking rustup and cargo, and overwriting the globally installed agent-browser directory. The instructions perform code modification (edit TS/JS) and replace existing software, which is broader than a self-contained install and can affect other tools. They also run remote installers and execute generated Python patches without integrity checks.
Install Mechanism
There is no registry install spec, but the bundled install.sh invokes remote installers via curl|sh (astral.sh for uv and rustup.rs for Rust). The script clones GitHub repos (expected) and edits/writes files on disk. Curl-pipe-to-sh and automatic replacement of global packages are higher-risk patterns because they execute code fetched from the network without verification.
Credentials
The skill does not request environment variables or credentials. The operations use standard system paths (HOME, npm global path) and tools (npm, python, cargo). No secret access is requested by the skill.
Persistence & Privilege
The installer replaces a globally installed npm package (agent-browser) and may compile and install native binaries. This modifies other installed software on the system and therefore carries persistent, system-wide privilege. Although 'always' is false, the script's behavior is persistent and can affect other skills or workflows.
What to consider before installing
Review and sandbox before running. Specifically: 1) Inspect the full install.sh yourself (it is included) and ensure you trust the remote endpoints (https://astral.sh and https://sh.rustup.rs). 2) Prefer running in an isolated VM or container, not on your primary machine, because the script overwrites a global npm package and compiles native code. 3) Back up the existing agent-browser installation (the script attempts backups, but verify them). 4) Avoid piping curl to sh from unknown hosts — fetch the installer, inspect it, then run. 5) If you only need agent-browser to detect an alternate executable, consider making the small local code change manually in a cloned repo rather than replacing the global package. 6) Be aware this enables an anti‑detection browser; depending on your environment and policies, using such tooling may violate rules or be legally sensitive.Like a lobster shell, security has layers — review code before you run it.
latestvk9736tsz9dxdg7k9nbwjw70dn9823zj7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.