Camoufox
Malicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is explicitly designed to evade bot-detection protections and preserve logged-in sessions for later automation.
Do not install this skill for ordinary automation. It is explicitly intended to evade bot-detection controls on protected sites and to reuse logged-in sessions. If you have a legitimate authorized testing need, run it only in an isolated environment with disposable accounts, pinned dependencies, and clear profile cleanup.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could be used to bypass site protections, automate accounts in ways that violate site rules, or trigger account bans and legal/compliance issues.
The skill is built to automate protected sites while evading their bot-detection controls, rather than limiting automation to authorized testing or user-owned sites.
Anti-detect browser automation ... for bot-detection-heavy sites like X/Twitter, Naver, and other protected sites. Provides stealth browsing with OS/browser fingerprint spoofing, humanized mouse movements, and persistent sessions.
Do not use this against third-party protected sites unless you have explicit authorization; restrict any use to controlled security testing environments.
A one-time human challenge can be converted into continuing automated access, undermining protections designed to limit bots.
The workflow explicitly uses manual CAPTCHA/login completion to create a reusable automated session for protected sites.
## CAPTCHA Handling First visit to protected sites may need manual CAPTCHA ... Solve via VNC, session saves to profile for future automation.
Avoid installing this skill for general browsing automation; if used for authorized testing, require per-site approval and do not reuse challenge-solving sessions across tasks.
If the profile contains login cookies, the agent or later scripts may operate as the logged-in user on supported sites.
The script preserves logged-in browser session authority for later automation, which can act as the user's account without fresh authentication.
Session will be saved to profile for future automated use.
Use only dedicated test accounts, keep the profile isolated, delete it after use, and require explicit user approval before any authenticated action.
Sensitive session data may persist across tasks and be reused unexpectedly by future automation.
The browser context is persistent and stores state in a reusable profile directory, which can include cookies, local storage, and site data.
persistent_context=True,
user_data_dir=args.profile
Use a separate disposable profile for each site or task, document retention clearly, and provide cleanup instructions for ~/.openclaw/camoufox-profile.
The installed dependency could change over time or differ from what was reviewed here.
The setup installs an external Python package without a version pin or lockfile; this is purpose-aligned but leaves provenance and update behavior to PyPI at install time.
pip install camoufox
Pin dependency versions, use a lockfile or hashes, and review the Camoufox package source before installation.
Running setup can change system packages and install executable code.
The setup script may invoke system package installation with sudo. It is disclosed and user-directed, but it modifies the local environment.
sudo apt install -y python3-venv python3-full || true
Review the script before running it and prefer installing in a controlled environment or container.
