Back to skill
Skillv1.1.0
VirusTotal security
Anemone Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:50 AM
- Hash
- e5d7acde83e8e672cecd395b21b1a3422975ea2e32ff126223b53bb83111b95d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: anemone-browser Version: 1.1.0 The skill provides a managed Chrome browser with VNC remote access and anti-detection features. It is classified as suspicious primarily due to the use of the `--no-sandbox` flag when launching Chrome in `scripts/start.sh`, which is a known security vulnerability that disables a critical browser security layer. Additionally, while a core feature, the VNC remote access (exposed via `websockify` in `scripts/start.sh` and instructed for agent use in `SKILL.md`) presents a high-risk capability, even with self-signed SSL and random passwords. There is no evidence of intentional malicious behavior like data exfiltration, unauthorized persistence, or covert remote execution; rather, the skill implements several security hardening measures such as binding CDP to localhost and applying Chrome policies to block `file://` access and disable DevTools.
- External report
- View on VirusTotal