ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw 浏览器自动化

v1.0.0

浏览器控制工具 - 封装 OpenClaw browser 工具,支持网页自动化、截图、点击输入等操作

0· 177·1 current·1 all-time
by@gaoren36-arch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly expects a 'browser' OpenClaw tool/CLI (commands like `browser action=...`) and references runtime behaviors (snapshots, download paths, traces). However the skill metadata declares no required binaries, no install spec, and no homepage/source — leaving an unexplained gap about how the described capabilities will actually be provided.
!
Instruction Scope
Instructions refer to local filesystem paths (/tmp/openclaw/uploads, /tmp/openclaw/downloads), starting/stopping/tracing browser sessions, capturing DOM snapshots, and interacting with logged-in sessions. These actions imply the agent will access local files, save downloads, and possibly handle credentials in-page. The skill does not explicitly declare or limit that access.
Install Mechanism
There is no install spec (instruction-only). That is lower surface risk, but combined with missing information about required runtime binaries it contributes to ambiguity rather than safety risk by itself.
Credentials
The skill declares no environment variables or credentials, which is consistent with the surface. However the instructions implicitly require filesystem and network access and access to a browser runtime. Those capabilities are not listed in requires.env or required config paths, so you should confirm what the agent runtime will expose before use.
Persistence & Privilege
The skill is not always-enabled and allows model invocation (normal). It does not request persistent system-wide configuration or claim to modify other skills. No elevated persistence is requested in the metadata.
What to consider before installing
This skill reads like a wrapper around an OpenClaw browser CLI, but the package provides no install instructions or declared binary requirement. Before installing or enabling it: (1) ask where the 'browser' runtime comes from and whether your agent environment already has OpenClaw installed; (2) confirm whether the agent will have access to local files (/tmp paths), downloads, and the network; (3) avoid running it on accounts or pages that contain real credentials until you verify its runtime and sandboxing; (4) prefer skills that include explicit install steps or a trusted source/homepage—the source is unknown here, which increases risk. If you still want to try it, test in a restricted environment with dummy pages and non-sensitive files first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aa6m2b785j5d5f5fhvm2my9833we1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments