Back to skill
Skillv1.0.2
VirusTotal security
Claw Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:09 AM
- Hash
- 9effc570147c78fa03f177d689eb794fb155bbd37942cbf9dd8869e79ad3d637
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: claw-browser Version: 1.0.2 The skill provides a web browsing capability using Playwright, which inherently grants significant power. The `SKILL.md` instructs the agent to execute shell commands (`playwright install chromium`) for setup, involving downloading and installing binaries. The `browser.py` script can visit arbitrary URLs (user-controlled), execute JavaScript on those pages, and save files (screenshots) to the local filesystem. While these capabilities are plausibly needed for a browser tool, they represent high-risk actions (shell execution, network access, file write, JavaScript execution) that could be leveraged for unintended purposes if the agent is compromised or instructed maliciously, without clear evidence of intentional malicious design within the skill itself.
- External report
- View on VirusTotal