ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Daxiang Electron

v1.0.0

Automate Electron desktop apps (VS Code, Slack, Discord, Figma, Notion, Spotify, etc.) using agent-browser via Chrome DevTools Protocol. Use when the user ne...

0· 33·1 current·1 all-time
by@daxiangnaoyang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the SKILL.md: the document describes launching Electron apps with --remote-debugging-port and controlling them via the agent-browser CLI. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
Instructions stay on-task (launch app with remote debugging, connect with agent-browser, snapshot, click, screenshot, extract text). They do not instruct reading unrelated system files or fetching external URLs. However, the workflow explicitly requires relaunching apps with --remote-debugging-port and connecting a debugger, which legitimately exposes the app's DOM and runtime and therefore any in-app data (messages, tokens, etc.). This is expected for the stated purpose but is a sensitive operation.
Install Mechanism
Instruction-only skill with no install spec or code files. No downloads or packages are installed by the skill itself, which minimizes supply-chain risk.
Credentials
The skill requires no credentials or config paths. It references one optional env var (AGENT_BROWSER_COLOR_SCHEME) for display preferences. Nonetheless, connecting to CDP grants access to potentially sensitive application state—so the lack of requested credentials does not eliminate privacy risk.
Persistence & Privilege
always is false and the skill does not request persistent system or cross-skill configuration changes. It does instruct the agent to launch apps, which is normal for automation but not privileged beyond the local user's permissions.
Assessment
This skill is coherent for automating Electron apps and doesn't ask for unrelated credentials or install steps, but it works by enabling remote debugging on desktop apps. Enabling --remote-debugging-port and connecting a debugger exposes the app's internal DOM and runtime (which can include messages, tokens, files, or other sensitive data). Only use this on machines and accounts you control or on test copies of apps. Before running: (1) confirm you trust the agent-browser tool and run it locally, (2) avoid connecting to accounts with private data, (3) monitor network and process activity while debugging, (4) quit the app and relaunch it normally after automation, and (5) verify agent-browser's provenance if you haven't installed it previously.

Like a lobster shell, security has layers — review code before you run it.

latestvk974txpev1p9mwy58vtj6d6czn83yyeg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments