Back to skill
Skillv0.1.0
VirusTotal security
Agent Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 22, 2026, 9:06 PM
- Hash
- 4fdb23dff5fed2386deb2ae42f5c0c902175457c1035bc1956429df5f4021f8f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-browser-8 Version: 0.1.0 The skill bundle provides a comprehensive browser automation CLI with several high-risk capabilities, including arbitrary JavaScript execution in the browser context (eval), session token and cookie extraction (state save), and network request interception/modification (network route). While these features are plausibly necessary for the stated purpose of web automation and the documentation includes security-focused features like domain allowlisting and action policies, the broad programmatic control over browser sessions and sensitive authentication data represents a significant attack surface for potential misuse or prompt injection. Key indicators are found in SKILL.md, references/commands.md, and references/authentication.md.
- External report
- View on VirusTotal