Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Stealth Browser

v3.0.0

Professional browser automation with human behavior simulation, advanced anti-detection and 2Captcha integration. Stealth score: 100/100. Ideal for SEO, Bac...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims full browser automation (stealth, captcha solving, persistent Google login) which would reasonably need Python, Chrome, and a 2Captcha API key, but the registry metadata lists no required binaries or env vars. The packaged manifest (package.json, SKILL.md, README) expects a 'stealth-browser' executable / Python module, however that executable/module is not present in the provided file list. This is an incoherence: either files are missing from the bundle or the package metadata is incorrect.
! Instruction Scope
The runtime instructions direct the user to export TWOCAPTCHA_API_KEY, create a proxies/proxies.txt, perform a Google login and persistently store sessions/cookies, and run './stealth-browser-v3' commands. Examples access and save session/cookie files under /root/.openclaw/skills/stealth-browser. SKILL.md and the examples therefore direct reading/writing of sensitive local data (cookies/sessions) and reference hard-coded root paths. The instructions also run an installation test (python3 stealth-browser test), but the referenced binary/module is missing. These steps go beyond simple instructions and grant broad access to authentication artifacts; this should be assessed by the user.
Install Mechanism
There is no formal install spec in the registry, but an install.sh is included which pip-installs Python packages (undetected-chromedriver, selenium, websocket-client), creates directories under /root/.openclaw/skills/stealth-browser, and runs 'python3 stealth-browser test'. The pip installs are from public PyPI (moderate risk). The install script does not download code from obscure URLs, but it assumes the main binaries/scripts are present and makes hard-coded changes under /root. Missing main executable increases the risk that the package was packaged incorrectly or tampered with.
! Credentials
SKILL.md requires TWOCAPTCHA_API_KEY (sensitive credential) and expects proxy credentials in proxies/proxies.txt. However the registry metadata declared no required env vars — a mismatch. The skill's behavior (persisting Google session cookies) implies access to highly sensitive auth tokens/cookies; these are stored under /root/.openclaw/skills/stealth-browser which may make them accessible to processes running as root. Requesting a captcha key and storing session cookies are proportionate to captcha-solving/automation, but the lack of explicit env declarations and the use of root paths are concerning and should be justified.
Persistence & Privilege
The skill requests persistent sessions/cookie storage and install.sh creates persistent directories under /root/.openclaw/skills/stealth-browser. It does not set 'always: true'. Persistent storage of Google sessions is a high-impact capability (it allows continued access to Google services once a user has logged in). That capability can be legitimate for an automation skill, but combined with hard-coded root paths and missing/external binaries it increases the blast radius; ensure you trust the author and inspect the actual runtime binary/module before use.
What to consider before installing
Do not install or run this skill on a production system without further checks. Specific issues to consider before installing:
- The bundle appears incomplete: examples and the install script reference a 'stealth-browser' executable / Python module that is not present. Ask the author for the missing files or a full release archive.
- SKILL.md asks you to export TWOCAPTCHA_API_KEY and to provide a proxies/proxies.txt (which may contain username:password). Those are sensitive credentials — only provide them if you understand how and where they will be stored.
- The installer creates and uses /root/.openclaw/skills/stealth-browser and runs 'python3 stealth-browser test'. Hard-coded root paths can cause permission issues and may expose other data if run as root.
- The skill persistently stores Google session cookies. If those files are compromised, attackers could access your Google services. Verify how cookies are encrypted/safeguarded and where backups are written.
- The installer pip-installs third-party Python packages. Ensure your environment is isolated (use a virtualenv/container) and inspect the actual runtime code (the 'stealth-browser' binary/module) before executing it.
If you still want to proceed: request the missing binary/module source, verify the code that performs cookie/session storage and encryption, run the installer in a disposable VM/container, and avoid supplying privileged credentials until you confirm implementation details.

Like a lobster shell, security has layers — review code before you run it.

latestvk97at2h2r21jvgntqep4zw64zh83s7sb
