ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawhub Publish 146198

v0.2.0

Automate web browsing tasks like navigation, form filling, clicking, and data extraction using a fast Rust-based headless browser with Node.js fallback.

0· 279·0 current·0 all-time
by@gxw975·duplicate of @gxw975/clawhub-publish-146156

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for gxw975/clawhub-publish-146198.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Clawhub Publish 146198" (gxw975/clawhub-publish-146198) from ClawHub.
Skill page: https://clawhub.ai/gxw975/clawhub-publish-146198
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install clawhub-publish-146198

ClawHub CLI

Package manager switcher

npx clawhub@latest install clawhub-publish-146198
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The described capability (browser automation via an 'agent-browser' CLI) is coherent with the skill's description and examples. However, the registry metadata/packaging labels in the bundle do not match the SKILL.md (registry slug is 'clawhub-publish-146198' while the SKILL.md and _meta.json refer to 'agent-browser' and the ownerId values differ), which raises provenance and supply-chain questions.
Instruction Scope
SKILL.md only instructs installing and invoking an external CLI (agent-browser) and gives commands for navigation, fill, click, snapshot. The instructions do not ask the agent to read unrelated files or env vars. Still, the runtime behavior of the CLI will be able to interact with pages that include credentials and sensitive data, so the instructions implicitly enable capture/exfiltration if the CLI is malicious or misused.
Install Mechanism
There is no formal install spec in the bundle; the SKILL.md asks the user to run 'npm install -g agent-browser'. Installing an arbitrary npm package globally is a moderate-risk operation because npm packages may run lifecycle scripts or download binaries. The skill does not provide a homepage, source repo, checksum, or verified release URL to validate the package before installing.
Credentials
The skill declares no required environment variables or credentials, which matches the SKILL.md. However, the tool's intended use (automating logins/forms) means it will see any credentials the user enters into pages it automates — the skill does not explicitly declare how such data is handled or transmitted.
Persistence & Privilege
The skill does not request always:true and does not claim special persistent privileges. It's user-invocable and may be used autonomously by the agent (default), which is normal for skills; no extra persistent system-wide changes are indicated in the bundle.
What to consider before installing
This skill instructs you to globally install an npm package (agent-browser) but provides no homepage or source to inspect. Before installing: 1) verify the package on the npm registry and check the package owner, repository link, and recent publish history; 2) review the package source code or repository for postinstall scripts or downloads; 3) avoid global install as root — prefer a sandbox/container or scoped environment; 4) be cautious about automating logins or sensitive pages with untrusted CLI tools (they can capture credentials); and 5) ask the publisher for consistent metadata (matching slug/owner) and a canonical homepage/source. The metadata mismatch (different slugs/ownerIds between registry and _meta.json/SKILL.md) is the main red flag here.

Like a lobster shell, security has layers — review code before you run it.

latestvk9735vev78swe6fygmme7cysjd82tpe5
279downloads
0stars
1versions
Updated 10h ago
v0.2.0
MIT-0
@gxw975
latest
Download

Agent Browser

A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured commands.

When to use

  • Automating web interactions (login, form fill, scraping)
  • Extracting structured data from pages
  • Testing web UIs or workflows
  • Filling forms programmatically

Prerequisites

  • Node.js ≥ 18
  • npm install -g agent-browser (run once to install CLI)

How it works

  1. agent-browser open <url> → launch browser & navigate
  2. agent-browser snapshot -i → get interactive elements with stable refs (e.g., @e1)
  3. Use refs to interact: click @e1, fill @e2 "text", wait @e3
  4. agent-browser close → clean up

Key capabilities

  • Snapshot with accessibility tree or interactive-only mode
  • Precise element interaction (click/fill/hover/drag/upload)
  • Wait conditions (element visible, URL change, network idle)
  • Screenshot, PDF export, video recording
  • Cookie/storage/network control
  • Tab/window/frame management
  • JSON output for programmatic parsing

Example

agent-browser open https://example.com/login
agent-browser snapshot -i
agent-browser fill @e1 "user@example.com"
agent-browser fill @e2 "password123"
agent-browser click @e3
agent-browser wait --url "/dashboard"

Comments

Loading comments...