ClawMe

Warn

Audited by ClawScan on May 10, 2026.

Overview

ClawMe is a disclosed browser-automation skill, but it can use your logged-in Chrome sessions to post, email, click, fill forms, and extract page content through an external service.

Install this only if you intentionally want an agent to control your real Chrome browser. Use a separate browser profile, keep sensitive accounts signed out, verify every action before executing it, and understand where the ClawMe token, instructions, and extracted page content are sent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If misused or reviewed too quickly, the agent could queue actions that change accounts, submit forms, or publish content in the user's real browser.

Why it was flagged

The skill exposes broad browser actions that can create public posts, draft or send emails, fill and submit forms, click arbitrary page controls, and chain actions into workflows.

Skill content

Fill forms, tweet, email, click, extract ... compose_tweet ... compose_email ... fill_form ... click ... User sees a workflow card with progress bar and can execute all steps sequentially.

Recommendation

Use only when you intend browser automation, carefully review every side-panel action before executing it, and avoid one-click multi-step workflows for sensitive sites.

What this means

Actions may occur with your existing logged-in permissions on email, social media, business, financial, or other sensitive websites.

Why it was flagged

The automation operates with whatever accounts are already logged into Chrome, but the artifacts do not bound which sites, accounts, or session privileges may be used.

Skill content

Unlike headless browsers, ClawMe runs in the user's real browser with their actual login sessions.

Recommendation

Prefer a dedicated Chrome profile with only the accounts needed, sign out of unrelated sensitive sites, and rotate or revoke the ClawMe token when not in use.

What this means

Private page text or data visible in your logged-in browser could be sent back through the service and into the agent context.

Why it was flagged

Instructions and extracted browser content are routed through a ClawMe backend by default, and the artifacts do not describe data retention, origin validation, or limits on what extracted page content can be returned.

Skill content

POST ${CLAWME_BASE_URL:-https://api.clawme.net}/v1/instructions ... X-ClawMe-Token: ${CLAWME_CLIENT_TOKEN} ... Result (extracted text) is reported back to the agent.

Recommendation

Do not use extraction on sensitive pages unless you trust the backend and understand its data handling; consider using the local backend URL if available.

What this means

You cannot verify from these artifacts how the extension or backend enforces confirmation, protects tokens, or handles extracted browser data.

Why it was flagged

The supplied package does not include the Chrome extension or backend implementation that will receive the token and browser instructions, so those components are outside this artifact review.

Skill content

Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.

Recommendation

Install the extension only from a trusted source, review its permissions, and verify the provider's security and privacy documentation before connecting real accounts.