Pinchtab Helper
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a disclosed browser-automation helper, but installing and running PinchTab gives an agent control over a local browser, so use a trusted installer and a dedicated browser profile.
No hidden malicious behavior was found in the provided artifacts for this skill. Before using it, verify the PinchTab installer, run it only from trusted sources, keep the service local, use a separate browser profile, and require explicit confirmation before the agent submits forms or performs sensitive website actions.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on sensitive sites, the agent could submit forms, click account controls, or make changes the user did not intend.
The skill documents direct browser actions, including clicking, entering text, and submitting forms. This is central to the stated purpose, but it can affect websites and accounts.
pinchtab click e5 ... pinchtab fill e3 "搜索内容" ... pinchtab press e7 Enter
Use this only for user-directed browsing tasks, and require confirmation before purchases, logins, account changes, posts, file uploads, or other irreversible actions.
The security of the installed PinchTab tool depends on the external source and version the user installs.
The setup relies on external installers/packages/containers that are not bundled with this skill or pinned to a reviewed version.
curl -fsSL https://pinchtab.com/install.sh | bash ... npm install -g pinchtab ... docker run -d --name pinchtab ... pinchtab/pinchtab
Verify PinchTab’s source before installing, prefer pinned versions or trusted package sources, and avoid curl-to-bash if you cannot inspect the script.
Using a personal browser profile could let automation act inside already-logged-in accounts.
The skill acknowledges browser profile choice. A normal browser profile may contain logged-in sessions and cookies, giving the agent delegated account access through the browser.
Profile: a dedicated automation profile is recommended
Use a separate automation browser profile with only the accounts needed for the task, and avoid using profiles with banking, admin, or other highly sensitive sessions.
Anyone with access to the exposed endpoint or the remote token could control the automated browser.
The browser-control API is exposed through a local HTTP endpoint, with an optional remote bridge token. This is disclosed and purpose-aligned, but it is still a sensitive control channel.
Base URL: http://localhost:9867 ... Security: PinchTab binds only to 127.0.0.1 by default ... If remote access is needed, set BRIDGE_TOKEN
Keep the service bound to localhost, do not expose the port publicly, protect BRIDGE_TOKEN, and stop the service when not in use.
The browser automation service may remain available until the user stops it.
The setup starts PinchTab as a background process. This is expected for a browser-control service, but it may keep running after the immediate task.
pinchtab &
Start PinchTab only when needed and stop the background process after finishing browser automation tasks.
