Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Chrome DevTools MCP Manager

v1.0.0

Manage chrome-devtools-mcp service and OpenClaw's built-in Chrome browser for MCP-based browser automation. Use when user needs to use chrome-devtools-mcp fu...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes managing OpenClaw's built-in Chrome and a chrome-devtools-mcp MCP server, which matches the name and description. However, the instructions assume the presence of tools (npx, mcporter) without listing them in the declared requirements; that mismatch is sloppy and worth flagging because the skill implicitly depends on those tools being available.
Instruction Scope
Instructions stay within browser/MCP management (status/open/stop, check local CDP endpoint, configure mcporter). They also recommend using evaluate_script (execute JavaScript), which is normal for automation but can access page-local data; this is expected for a browser automation tool but is a sensitive capability. The SKILL.md does not instruct reading unrelated system files or secrets.
Install Mechanism
No formal install spec is provided, but the docs instruct using `npx chrome-devtools-mcp@latest` in mcporter/clients. That means runtime code is fetched from the npm registry (latest tag) when mcporter runs. Fetching unpinned packages at runtime can introduce supply-chain risk; the skill does not declare or pin a specific package/version and does not declare npx as a required binary.
Credentials
The skill does not request credentials or config paths. It suggests setting non-sensitive environment flags (CHROME_DEVTOOLS_MCP_NO_USAGE_STATISTICS, DEBUG) which are proportional to the task. No secret-env variables are requested.
Persistence & Privilege
The `always` flag is false and the skill is instruction-only; it does not request persistent or elevated platform privileges and does not modify other skills' configs. Autonomous invocation is allowed by default but is not combined with other high-risk factors.
What to consider before installing
This skill looks like a reasonable set of instructions for managing OpenClaw's built-in Chrome and connecting an MCP client, but note three things before proceeding:
1) The documentation assumes runtime use of npx and mcporter, but the skill metadata does not declare those binaries; ensure npx and mcporter exist on your system before relying on these steps.
2) The mcporter examples use `npx chrome-devtools-mcp@latest` (unpinned). That causes a network fetch and execution of code from the npm registry at runtime; consider pinning to a specific, audited version (for example `chrome-devtools-mcp@1.2.3`) or installing the package from a trusted release to avoid supply-chain risk.
3) Browser automation inherently allows executing arbitrary JS in page contexts (evaluate_script). Treat pages that contain sensitive data carefully; don't allow untrusted code or third parties to reuse this capability without review.
If you want to reduce risk: require/pin a specific npm package version in the documentation, explicitly list required binaries (npx, mcporter) in the skill metadata, and verify the chrome-devtools-mcp package origin and checksum before use.
