Back to skill
Skillv1.0.0
VirusTotal security
Use My Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:35 AM
- Hash
- e9c75e000c7e889c2ecb38029b292d52fed373bcd297f3f6919ada72963f9c42
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: use-my-browser Version: 1.0.0 The skill provides tools to control the user's active Chrome browser and execute arbitrary JavaScript (`tmwd_exec`) within the context of authenticated web sessions, sharing all cookies and login states. While these high-risk capabilities are aligned with the stated purpose of browser automation, they create a significant attack surface for session hijacking and data exfiltration. Additionally, the setup requires installing a third-party userscript from a GitHub repository (lsdefine/pc-agent-loop), which introduces supply chain risks.
- External report
- View on VirusTotal