Nextbrowser

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

This skill openly enables autonomous logged-in browser automation with persistent cookies, residential proxies, browser stealth, and CAPTCHA solving, which is high-impact and lacks clear safety limits.

Review carefully before installing. This is not just a cloud browser helper: it is designed to automate logged-in online accounts using persistent sessions, proxies, stealth, CAPTCHA solving, and autonomous subagents. Only use it for authorized tasks, with narrow account/profile scopes and explicit approval before any session reuse or online action.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could automate logged-in online accounts in ways that are hard for websites to detect, potentially causing account bans, unwanted posts or changes, policy violations, or abuse of third-party services.

Why it was flagged

This combines autonomous account control with anti-detection infrastructure, residential proxies, and CAPTCHA solving. Those capabilities can bypass normal website protections and perform high-impact online actions without the artifact defining strong user-approval or scope limits.

Skill content

Primary use is creating browser sessions with profiles (persisted logins/cookies) that Openclaw can control to manage social media and other online accounts. Secondary use is running task subagents for fast autonomous browser automation under residential proxy, browser stealth, and CAPTCHA solving capability.

Recommendation

Only use this with explicit per-task approval, clear allowed sites/accounts/actions, and no stealth, proxy, or CAPTCHA-solving features unless you have a legitimate, authorized need.

What this means

If installed, the agent may use the Nextbrowser account and spend credits or access configured browser resources without the registry clearly signaling that credential requirement.

Why it was flagged

The skill requires a provider API key even though the registry metadata lists no primary credential or required config paths. This is sensitive delegated authority and is under-declared in the provided metadata.

Skill content

API Key is read from openclaw config at `skills.entries.next-browser.apiKey`.

Recommendation

Declare the API key as a credential/config requirement and ensure the user explicitly approves when the agent may use it, spend credits, or create browser sessions.

What this means

A later autonomous task could inherit an already logged-in session and act as the user on a website, even if the user did not intend that specific account/session to be reused.

Why it was flagged

Persistent browser state can carry sensitive login context from one task to another. The artifact does not clearly bound which accounts may be reused, how long the state is retained, or how reuse is approved.

Skill content

Profiles persist cookies and login state across browser sessions. Create one, log into your accounts in the browser, and reuse it.

Recommendation

Use separate profiles per account and task, require explicit confirmation before reusing a logged-in profile, and document deletion/retention controls.

Concern · Medium Confidence

ASI10: Rogue Agents

What this means

Autonomous browser workers could continue performing online actions or consuming provider credits unless the user carefully controls their scope and shutdown.

Why it was flagged

The skill advertises autonomous subagents, but the provided artifact does not define containment, stopping conditions, action approvals, or limits on what those subagents may do with logged-in browser profiles.

Skill content

Secondary use is running task subagents for fast autonomous browser automation

Recommendation

Require explicit user approval before starting any autonomous task/subagent, define maximum runtime and allowed actions, and always stop browser sessions when finished.