Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

broswer use skill

v1.0.0

Control Chrome browsers from the terminal via the AIPex extension. Use this skill when the agent needs to manage browser tabs, search page elements, click bu...

by ropzislaw@buttercannfly
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description, required binaries (node, npm), and the CLI-centric commands are coherent: a Node CLI controlling Chrome via an extension reasonably needs Node and npm and the listed tab/page/interact features.
Instruction Scope
SKILL.md instructs use of commands that can read local paths (upload --file-path), save files, capture screenshots, and run skill scripts ('skill run ... scripts/init.js'). Those capabilities let an agent access arbitrary local files and execute code on the host if invoked — scope is broader than simple browser control and could be used to exfiltrate data or run local scripts.
Install Mechanism
There is no install spec in the package (instruction-only). The document instructs a standard 'npm install -g browser-cli' which is expected for a Node CLI; no download-from-arbitrary-URL or archive extraction is specified by the skill itself.
Credentials
The skill does not request credentials or environment variables (proportionate), but the documented commands allow reading and uploading arbitrary filesystem paths and invoking local skill scripts — the lack of declared secrets is good, but the CLI-level file access is an implicit privilege that the SKILL.md does not constrain.
Persistence & Privilege
always is false (good). The skill is allowed to be invoked autonomously by default (platform normal). Combined with the broad file/script operations in the instructions, autonomous invocation increases blast radius — consider requiring user confirmation before file access or script execution.
What to consider before installing
This skill appears to be what it claims (a Node-based CLI controlling Chrome via an AIPex extension), but its documented commands let an agent read local files, upload them to pages, capture and send screenshots, and execute skill scripts. Before installing: (1) review the browser-cli npm package and AIPex extension source on GitHub to verify authorship and code, (2) avoid granting autonomous agent invocation for this skill or require user confirmation for any file-access or script-run actions, (3) test in an isolated environment (VM/container) first, (4) audit any 'skill run' scripts you intend to allow, and (5) monitor network and filesystem activity while using it. If you don't trust the upstream code or cannot limit file/script access, do not install.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🖥️ Clawdis
OS: macOS · Linux · Windows
Bins: node, npm