Tor Browser Automation
PassAudited by ClawScan on May 10, 2026.
Overview
The skill is a coherent Tor/Playwright browser automation tool, but users should review its setup, exposed Tor ports, and anonymity limitations before use.
Install only if you are comfortable running Tor and headless browser automation. Use trusted and pinned dependencies when possible, keep Tor ports local unless intentionally exposed, do not assume full Tor Browser-level anonymity, and supervise any clicks, form fills, screenshots, or scraping actions.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could interact with pages or submit information through Tor in ways the user did not intend.
The skill exposes browser automation that can click, fill fields, capture screenshots, and extract site content. This matches the stated purpose, but those actions can have real effects on visited sites.
Supports navigation, element interaction, screenshots, and data extraction through Tor network.
Use it for explicit, legal targets only; review URLs, form contents, and click actions before allowing meaningful site interactions.
Users may install changing external dependencies or container images, and optional port publishing may expose local Tor services if configured broadly.
The setup depends on external package downloads and an unpinned third-party Docker image. This is expected for Tor/Playwright automation, but provenance and version pinning are left to the user.
pip install playwright playwright install chromium ... docker run -d --name tor-proxy \ -p 9050:9050 \ -p 9051:9051 \ peterdavehello/tor-socks-proxy
Install from trusted sources, pin package/image versions where possible, and bind Tor ports to localhost unless remote access is intentionally needed.
A user could overestimate the anonymity or anti-fingerprinting properties of this tool compared with the official Tor Browser.
The guide makes broad anonymity and isolation statements. The provided implementation shows Playwright Chromium using a SOCKS proxy, not a full Tor Browser environment with demonstrated circuit-isolation or fingerprinting protections.
**Isolate circuits**: Each browser context uses a fresh Tor circuit ... **Fingerprinting**: User agent is set to Tor Browser default **DNS leaks**: All DNS queries go through Tor SOCKS5 proxy
Treat this as Chromium routed through Tor, not as full Tor Browser anonymity; verify DNS, circuit isolation, fingerprinting, and operational-security requirements before sensitive use.