Browser Session Manager

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with the wrong URL or session file, authentication tokens could be replayed or exposed in a way that gives access to the user's Jimeng account session.

Why it was flagged

The helper reads an arbitrary session JSON file and applies all included cookies and storage to a browser session for a caller-supplied URL, without a Jimeng domain allowlist or filtering of sensitive tokens.

Skill content
async function applySessionData(url, sessionJsonPath, options = {}) ...
  const sessionData = JSON.parse(fs.readFileSync(sessionJsonPath, 'utf8')) ...
  await context.addCookies(cookies) ...
  localStorage.setItem(key, value)
Recommendation

Restrict the helper to an explicit allowlist of Jimeng domains, validate each cookie's domain before applying it, load only the cookie and storage keys the helper actually needs, and require clear user approval before loading exported session data.

What this means

Following this guidance may violate service rules, trigger account restrictions, or enable automation beyond normal user-controlled usage.

Why it was flagged

The guidance explicitly recommends alternate IP/proxy use when the service rate-limits automated access, which can bypass provider controls and amplify automated activity.

Skill content
**Rate limited:**
- Add delays between requests
- Use different IP/proxy if heavily rate-limited
Recommendation

Remove rate-limit bypass guidance and instead tell users to respect provider limits, reduce request volume, and stop automation when rate-limited.

What this means

Running the script may submit generation requests and spend account credits without an additional in-script confirmation step.

Why it was flagged

The script can automatically click the logged-in Jimeng generation submit button, which is purpose-aligned but performs an account action that may consume credits.

Skill content
const submitBtn = await page.locator('button[class*="submit"], button[class*="send"], [class*="circle"]:has(svg), button:has([class*="arrow"])').last();
await submitBtn.click({ timeout: 10000 });
Recommendation

Add an explicit confirmation or dry-run mode before submitting jobs, especially when account credits or paid usage may be affected.

What this means

If the visited website or browser is compromised, disabling the sandbox can increase local system risk.

Why it was flagged

The skill launches Chromium against external web content with sandbox protections disabled, which is common in some containers but weakens browser isolation.

Skill content
const browser = await chromium.launch({
  headless,
  args: ['--no-sandbox', '--disable-setuid-sandbox']
});
Recommendation

Avoid disabling the browser sandbox unless the runtime requires it, and document the risk when these flags are necessary.

What this means

Users must supply/install dependencies themselves and cannot verify dependency versions from the provided skill metadata.

Why it was flagged

The package provenance is limited and there is no install spec, even though the artifacts include runnable Node/Playwright scripts and documentation requiring external tools.

Skill content
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Recommendation

Provide a clear install spec or package manifest with pinned dependencies and a project homepage or source repository.