ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Browser Relay Reliability

v0.1.0

Harden OpenClaw browser extension relay behavior by eliminating blank-target tab churn, fixing download behavior forwarding, and standardizing download paths.

0· 101·0 current·0 all-time
byDaniel Sinewe@danielsinewe

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for danielsinewe/openclaw-browser-relay-reliability.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "OpenClaw Browser Relay Reliability" (danielsinewe/openclaw-browser-relay-reliability) from ClawHub.
Skill page: https://clawhub.ai/danielsinewe/openclaw-browser-relay-reliability
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: rg
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install danielsinewe/openclaw-browser-relay-reliability

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-browser-relay-reliability
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the runtime instructions (hardening extension relay behavior). However, the skill declares a required binary 'rg' (ripgrep) which is not referenced in the SKILL.md steps; that mismatch suggests either an omitted usage detail or an unnecessary requirement. The SKILL.md also cites specific repository file paths as 'proof points' despite this being an instruction-only skill with no included code—this is plausible as documentation but is an unexplained link between the skill and repository contents.
Instruction Scope
The SKILL.md is a high-level troubleshooting/hardening guide; it does not instruct the agent to read arbitrary system files, exfiltrate data, call external endpoints, or access environment variables. It references source paths and verification steps, but does not contain commands or steps that would expand scope beyond its stated purpose.
Install Mechanism
There is no install specification and no code files. This is the lowest-risk model for install behavior (instruction-only), so nothing is written to disk by an installer.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to a documentation/troubleshooting skill. The only declared requirement is the 'rg' binary, which is questionable but not a secret/credential request.
Persistence & Privilege
The skill is not marked always:true and does not request elevated persistence. Autonomous agent invocation is allowed (platform default) but not combined with any other high-risk flags.
What to consider before installing
This appears to be a documentation-style troubleshooting skill for fixing OpenClaw extension-relay download and tab behavior, but there are small inconsistencies you should clarify before installing: - Confirm why 'rg' (ripgrep) is declared required. The SKILL.md never references running searches; if the skill expects to search code, ask the author for the exact commands and whether the agent will access your repository/workspace. - The SKILL.md lists specific source file paths as 'proof points' but no code is bundled. If you expect the skill to modify or verify those files automatically, request a concrete install or run plan (commands, file edits, or an automated patch). Otherwise treat this as a manual checklist only. - Because the skill is instruction-only, it cannot itself execute code from a remote URL, but an agent following the instructions could be directed (later) to edit files or run tools in your environment. Only enable it in environments where you trust the operator and where any repo referenced is safe to inspect. If you need to proceed: ask the skill author for (a) the exact intended runtime steps (what the agent will search or modify), (b) whether 'rg' is actually needed and how it will be used, and (c) a link to the repository or changelist that implements the hardening so you can review changes before they are applied. If you cannot get that, treat the skill as low-value documentation and avoid giving it broad agent permissions or running it autonomously on sensitive systems.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🧱 Clawdis
Binsrg
browservk97a7gc28xgxj2cbcdwebawaed857vpxchrome-extensionvk97a7gc28xgxj2cbcdwebawaed857vpxdownloadsvk97a7gc28xgxj2cbcdwebawaed857vpxlatestvk97a7gc28xgxj2cbcdwebawaed857vpxopenclawvk97a7gc28xgxj2cbcdwebawaed857vpxrelayvk97a7gc28xgxj2cbcdwebawaed857vpxreliabilityvk97a7gc28xgxj2cbcdwebawaed857vpx
101downloads
0stars
1versions
Updated 5d ago
v0.1.0
MIT-0
Daniel Sinewe@danielsinewe
browserchrome-extensiondownloadslatestopenclawrelayreliability
Download

OpenClaw Browser Relay Reliability

Use this skill when extension-relay browser sessions show flaky target creation, missing download behavior, or inconsistent download locations.

What this improves

  • Reuse active target for blank Target.createTarget requests to avoid throwaway tabs.
  • Forward Browser.setDownloadBehavior as Page.setDownloadBehavior through the extension bridge.
  • Standardize default download output to ~/Downloads/OpenClaw.
  • Align temp download path builder with shared default download directory.

Proof points

  • assets/chrome-extension/background.js
  • src/browser/extension-relay.ts
  • src/browser/paths.ts
  • src/browser/pw-tools-core.downloads.ts

Verify quickly

  1. Start extension-relay flow and trigger a blank target create request; confirm no extra tab churn.
  2. Trigger a browser download in relay mode; confirm the behavior applies and file saves under ~/Downloads/OpenClaw.
  3. Repeat in a second session to confirm stable path and no random temp download roots.

When to run

  • After extension relay changes.
  • When debugging failed or missing downloads in relay mode.
  • During browser automation reliability hardening.

Comments

Loading comments...