Agent Browser

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent browser-automation wrapper, but it should only be installed if you trust the external agent-browser CLI and are comfortable with an agent controlling browser sessions.

Install this only if you trust the external agent-browser CLI. Use a separate browser profile for automation, avoid exposing sensitive logged-in sessions unless necessary, and review important web actions before the agent submits forms, uploads files, or changes account data.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can navigate pages, click buttons, type text, and perform other browser actions that may submit forms or change account state.

Why it was flagged

The skill gives the agent access to the agent-browser CLI command surface. This is expected for a browser automation skill, but it enables real web interactions when invoked.

Skill content

allowed-tools: Bash(agent-browser:*)

Recommendation

Use it only for websites and tasks where you are comfortable allowing browser automation, and review important actions before submitting forms or making account changes.

What this means

If used on logged-in sites, the agent may see session cookies, localStorage values, or credentials that could grant access to accounts.

Why it was flagged

The documented commands can inspect browser session data and set authentication credentials. This is disclosed and relevant to browser automation, but cookies, localStorage, and credentials can contain sensitive account access material.

Skill content

agent-browser cookies                     # Get all cookies
agent-browser storage local               # Get all localStorage
agent-browser set credentials user pass   # HTTP basic auth

Recommendation

Avoid running cookie/storage commands unless necessary, prefer isolated browser profiles for automation, and do not use this skill with sensitive accounts unless you trust the environment.

What this means

You are trusting the current external agent-browser package and its installer, not just the text of this skill.

Why it was flagged

The skill is instruction-only and depends on a globally installed external CLI. The examples do not pin a package version, so the reviewed artifacts do not establish exactly what code will run.

Skill content

npm install -g agent-browser
agent-browser install
agent-browser install --with-deps

Recommendation

Verify the npm package and upstream repository before installing, consider pinning a known-good version, and install in an isolated environment if possible.

What this means

Automation may continue using logged-in session state, which can affect what pages the agent can access and what data appears in snapshots or recordings.

Why it was flagged

The browser context can retain session cookies and storage across recording workflows. This is documented and useful for browser automation, but persistent session state can carry sensitive data between actions.

Skill content

Recording creates a fresh context but preserves cookies/storage from your session.

Recommendation

Use a dedicated automation profile or clear cookies/storage after sensitive tasks.