Skillv1.0.1

ClawScan security

Chrome Debug Launcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 25, 2026, 3:50 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's instructions and requirements are consistent with its stated purpose (launching a normal Chrome and a remote-debugging Chrome); it is instruction-only, requests no credentials, and doesn't attempt hidden or unrelated actions — but the runtime steps are disruptive (they kill all Chrome processes) and expose a debugging port, so use with caution.
Guidance: This skill appears to do what it says, but review and consider the following before installing or running: 1) The commands kill all Chrome processes — this may close windows/tabs with unsaved data; run manually if you need to preserve sessions. 2) Verify and/or change the hardcoded paths (Windows: C:\Program Files\..., profile path C:\selenum\ChromeProfile; macOS: /Applications/... and $HOME/selenium/ChromeProfile) to safe locations. 3) Remote debugging opens port 9222 on the host — ensure you are not exposing that port to untrusted networks. 4) Because this is instruction-only, the agent would need permission to run shell/PowerShell commands; only allow the skill if you trust it to execute these OS commands. If you're unsure, run the provided commands yourself rather than giving the agent automatic execution privileges.

Purpose & Capability: okName/description match the concrete instructions: the SKILL.md explicitly kills Chrome and launches two instances (one with --remote-debugging-port=9222 and a separate user-data-dir). There are no unrelated environment variables, binaries, or installs requested.
Instruction Scope: noteThe instructions remain within the stated goal but are somewhat heavy-handed: they unconditionally kill all Chrome processes (taskkill/pkill) which can cause data loss or disruption of other browser sessions. They also create/use fixed user-data-dir paths (C:\selenum\ChromeProfile and $HOME/selenium/ChromeProfile) and assume default install locations. The remote-debugging port is exposed on localhost — expected for the purpose but potentially sensitive if the machine forwards ports.
Install Mechanism: okInstruction-only skill with no install spec and no code to write to disk; lowest-risk install profile. The regex scanner found no code to analyze.
Credentials: okThe skill declares no required environment variables, credentials, or config paths and the instructions do not reference secrets. Requested file paths are local and relate to isolating the debug profile.
Persistence & Privilege: okalways is false and the skill does not request persistent system configuration or modify other skills. Autonomous invocation is allowed by default but not unusually privileged.