Claude Chrome
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could click, navigate, submit forms, or perform other browser actions without stopping for confirmation.
The skill instructs use of a permission-bypass flag as the standard workflow for browser automation, removing per-action approval for a tool that can interact with web pages.
`--dangerously-skip-permissions` — auto-approve all actions (required for automation); `Always use --dangerously-skip-permissions for automated runs`
Use this only for narrow, trusted tasks. Prefer a dedicated browser profile or test account, and avoid auto-approval for sensitive sites or actions that can post, purchase, change settings, or submit data.
If Chrome is signed in to websites, the automation may act within those web sessions or read page content available to that browser context.
The skill relies on delegated Chrome extension permissions and gives Claude Code broad browser interaction authority, but does not define domain, profile, account, or action boundaries.
Claude Code gains browser tools — it can navigate pages, click elements, fill forms, read content, and more. ... Domain permissions ... may require user approval for new domains
Grant domain permissions deliberately, use a separate Chrome profile with minimal logins, and avoid running this against accounts or pages where unintended clicks or form submissions would matter.
A browser task may keep operating after the user thinks it failed or timed out.
The skill normalizes browser automation continuing after an apparent command error or timeout, without clear stop, kill, or monitoring instructions.
Commands will error immediately but continue running in the background. Results arrive via system messages when complete. ... Be aggressive with timeouts - commands complete in background even after gateway timeout
Add explicit process monitoring and cancellation steps, avoid long-running background browser sessions, and confirm completion before starting sensitive follow-up tasks.
The safety of the workflow depends on the separately installed Claude Code CLI and Chrome extension, which were not reviewed here.
The skill itself is instruction-only and depends on an external Claude Code binary, while the registry metadata does not provide a source or homepage for provenance review.
Source: unknown; Homepage: none; Required binaries (at least one): claude
Install Claude Code and its Chrome extension only from trusted official sources and keep them updated.