Smooth Browser
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could submit forms, scrape sites, or take web actions beyond what the user intended.
This documents a powerful, broad browser-automation tool. That is expected for the skill, but users should notice that it can interact with arbitrary websites and perform form-filling or automation tasks.
Browser for AI agents to carry out any task on the web. Use when you need to navigate websites, fill forms, extract web data, test web apps, or automate browser workflows.
Use URL allowlists, max-step limits, and explicit user confirmation before submitting forms, making purchases, publishing content, or changing account data.
A stored login profile could let the agent act as the user on websites in later sessions, including making account changes or posting content.
The skill encourages persistent authenticated browser profiles and shows reuse of a logged-in profile to mutate a third-party account, without a mandatory approval or scope boundary.
Profiles are useful to persist cookies, login sessions, and browser state between sessions... Reuse authenticated profile... smooth run -- <session-id> "Create a new issue in my repo 'my-project'"
Use separate per-site profiles, prefer read-only profiles where possible, require explicit confirmation for authenticated actions, and avoid using this with sensitive accounts unless you trust the provider and workflow.
Persistent memory could reveal which services the user is logged into and could cause the agent to reuse an authenticated profile in the wrong task.
The skill tells the agent to store persistent memory linking profile IDs to authenticated services, which can enable future use of login state without fresh context or consent.
Keep profiles organized: Save to memory which profiles authenticate to which services so you can reuse them efficiently in the future.
Do not store sensitive account mappings in long-term memory unless the user explicitly agrees; periodically review and delete stored profile references.
Personal data, selected files, and browsing activity may be processed by the external Smooth service during automation.
The skill discloses that task metadata, selected files, and browser traffic may be handled through Smooth's session/proxy flow. This is aligned with browser automation, but it is a sensitive data boundary.
`--metadata` - JSON object with variables for the task ... `--files` - Comma-separated file IDs to make available in the session ... By default, the CLI automatically configures a built-in proxy
Avoid sending secrets or unnecessary files, review Smooth's privacy/security terms, and use `--allowed-urls` or `--no-proxy` where appropriate.
Installing an unpinned external package means the actual code run on the user's machine is not included in this review.
The skill depends on an external PyPI package installed outside the skill artifact. This is user-directed and purpose-aligned, but the package version is not pinned in the instructions.
If not, you can install it by running:
```bash
pip install smooth-py
```
Install only from a trusted source, consider pinning a known version, and review the package before using it with authenticated browser sessions.
