Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Camoufox CLI
v1.0.0
Anti-detect browser automation CLI & Skills for AI agents. Use when the user needs to interact with websites with bot detection, CAPTCHAs, or anti-bot blocks...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description and the SKILL.md are consistent: the doc describes a CLI for anti-detect browser automation and the commands line up with that purpose. However, the package provides no provenance (no homepage/source) and declares no required binaries or install spec even though the runtime docs expect a camoufox-cli binary and an 'install' command that downloads the browser. That mismatch is plausible for an instruction-only skill but reduces trust in the artifact's origin.
Instruction Scope
All runtime instructions are scoped to interacting with web pages (open, snapshot, click, fill, screenshot, export/import cookies, persistent profiles). The SKILL.md does not instruct the agent to read arbitrary system files or unrelated credentials, but it does instruct reading/writing persistent profile data under ~/.camoufox-cli and importing/exporting cookie JSON files — operations that can expose sensitive session tokens. The doc also encourages running an install command that will download external binaries.
Install Mechanism
There is no install specification in the package (it's instruction-only), yet the documentation explicitly instructs the agent to run 'camoufox-cli install' to download the Camoufox browser (and optionally deps). Because no trusted source/URL is provided in the package metadata or docs, the actual install step would retrieve binaries from an unknown origin at runtime — a high-risk operation. The absence of a declared, verifiable install source is a notable gap.
Credentials
The skill does not request any environment variables or credentials, which is proportionate to its stated purpose. However, it supports optional proxies (including user:pass syntax) and cookie import/export and persistent profiles; these features permit handling of sensitive secrets (session cookies, proxy credentials) at runtime even though they are not declared. That design places responsibility on the operator to avoid passing sensitive secrets to the tool without review.
Persistence & Privilege
The skill is not always-enabled and is user-invocable (default). It documents persistent browser profiles (~/.camoufox-cli/profiles/<session>) and a background daemon that persists between commands. That persistence is reasonable for a browser CLI but increases the risk surface (stored cookies, sessions, profiles). The skill also allows autonomous invocation by the agent (disable-model-invocation is false), which, combined with the anti-detection capability and persistent state, raises the potential blast radius if the agent is granted autonomy.
Scan Findings in Context
[no_code_files_or_regex_matches] expected: The package is instruction-only; the regex scanner had no code to analyze. This is expected given the SKILL.md-based nature, but it means there is no static evidence of where 'camoufox-cli install' will download from.
What to consider before installing
This skill is an instruction-only wrapper for an anti-detect browser CLI. Before installing or using it, verify the origin (source repo or vendor) and where 'camoufox-cli install' downloads binaries from — unknown download sources are risky. Be aware the tool can save persistent browser profiles and export cookies, which may contain session tokens or credentials; avoid importing or exporting sensitive cookies or proxy credentials without secure review. If you allow agent autonomy, consider disabling autonomous invocation for this skill or running it only in a sandboxed environment (isolated VM/container) with no access to personal credentials. If you need to use it, require an explicit approval step for any install/download and review the network endpoints and host that provide the Camoufox binaries.
