Camoufox Deploy

Malicious

Audited by ClawScan on May 10, 2026.

Overview

This skill is designed to deploy an anti-detection browser that explicitly claims it can bypass Bilibili and Cloudflare risk controls, while also running broad unpinned install and global patch steps.

Avoid installing this skill on a normal machine. Its advertised purpose is to deploy anti-detection browser automation for bypassing Cloudflare/Bilibili-style controls, and its installer runs broad unpinned remote code while modifying global tooling. If you have a legitimate, authorized security-testing need, use a disposable VM or container and review and pin every dependency first.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing it could enable an agent to automate websites while evading defenses that those sites intentionally use to detect bots or abuse.

Why it was flagged

The skill explicitly presents the browser automation stack as a way to bypass third-party risk-control and anti-bot protections.

Skill content

**Anti-detection capability**: camoufox can bypass risk controls such as those of Bilibili and Cloudflare

Recommendation

Do not install for general use. Only consider isolated, authorized security testing environments with clear permission from the systems being tested.

What this means

A changed upstream package, compromised installer, or malicious dependency could execute code on the user's machine during installation.

Why it was flagged

The installer pulls code and packages from multiple remote sources without pinned versions, checksums, or reviewed provenance, then installs them into system/global locations.

Skill content

curl -LsSf https://astral.sh/uv/install.sh | sh ... uv pip install camoufox --system ... npm install -g agent-browser ... git clone --depth 1 https://github.com/browser-use/agent-browser.git

Recommendation

Use pinned versions, checksums, lockfiles, and a reviewed local fork; run installation only inside a disposable container or VM.

Concern, High Confidence

ASI05: Unexpected Code Execution

What this means

Running the script may execute arbitrary installer or package-maintainer code with the user's local permissions.

Why it was flagged

The setup flow can execute downloaded shell installers and package build scripts as part of a one-click install.

Skill content

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ... npm install ... npm run build

Recommendation

Avoid one-click execution; review each command, pin dependencies, and run in a sandboxed environment.

Concern, High Confidence

ASI08: Cascading Failures

What this means

A broken or unsafe modification could persist beyond the install session and change how later browser automation tasks behave.

Why it was flagged

The script replaces the globally installed agent-browser package, so any bad patch or compromised dependency can affect future uses of that automation tool.

Skill content

mv "$AGENT_BROWSER_PATH" "$BACKUP_PATH" ... cp -r . "$AGENT_BROWSER_PATH"

Recommendation

Prefer a separate local fork or containerized install rather than replacing a global package; require explicit user confirmation before any global replacement.