ClawHub

openclaw-browser-extension-clicker

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about being a browser-extension clicker, but it grants desktop-level screen capture and mouse-click authority with weak safeguards, so users should review it carefully before installing.

Install only if you intentionally want an agent or script to control your desktop mouse and inspect the visible screen to operate browser extension UI. Use dry-run first, keep the intended browser window focused, close sensitive windows before screenshots, delete generated screenshot files, and avoid using it on login pages, wallet prompts, permission dialogs, or unknown coordinates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill includes a full-screen screenshot capability that is not strictly necessary to click a browser extension icon. Because this is a system-level GUI automation tool explicitly intended to bypass browser security boundaries, capturing the entire screen can expose unrelated sensitive information such as messages, credentials, documents, or other application contents.

Context-Inappropriate Capability

Low
Confidence
89% confidence
Finding
Template matching uses full-screen visual scanning via locateOnScreen, which expands the skill from simple clicking into generalized screen inspection. In the context of a GUI automation skill meant to operate around browser restrictions, this broader visibility increases the chance of collecting or inferring sensitive on-screen data and creates a more capable primitive for unintended surveillance or interaction.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly promotes using system-level GUI automation to 'bypass browser security restrictions' while only giving operational tips, not meaningful warnings about unintended clicks, privilege boundaries, or abuse potential. In this skill's context, that language increases risk because the tool is specifically designed to interact with browser UI outside normal extension and browser security controls, which can lead to unauthorized actions, clickjacking-like behavior, or misuse on sensitive browser prompts.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This skill explicitly promotes system-level GUI automation and screen interaction to bypass normal browser security boundaries, but its documentation does not adequately warn that coordinate-based clicking and screenshot-driven targeting can misfire and interact with unrelated UI elements. In context, the skill is specifically intended to manipulate browser extensions and system menus, so unintended clicks could trigger privileged browser actions, extension popups, permission dialogs, or other sensitive interface elements.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal