Agent Browser Cli.Bak
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a purpose-aligned browser automation skill, but users should verify the external CLI and supervise account, form, and scheduled actions.
Before installing, verify the `agent-browser` npm package and only use this skill for sites and actions you explicitly intend. Be especially careful with passwords, form submissions, account check-ins, screenshots, and any optional cron-based automation.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on the wrong page or selector, the agent could click buttons or submit forms the user did not intend.
The skill documents broad browser-control actions, including clicking, filling fields, and submitting forms. This is central to the stated purpose, but these actions can change website or account state.
`agent-browser click <sel>` ... `agent-browser fill <sel> "text"` ... `agent-browser find role button click --name "提交"`
Use it only for explicitly requested browser tasks, review the target URL and selected elements, and require confirmation before submitting forms or changing account data.
The agent may handle login fields and act within authenticated web sessions if the user directs it to do so.
The form workflow includes entering username and password-like values. This is expected for browser automation, and there is no evidence of credential storage or exfiltration, but account credentials are sensitive.
`agent-browser find label "用户名" fill "myuser"`
`agent-browser find label "密码" fill "mypassword"`
Avoid sharing passwords unless necessary, confirm the destination site before entering credentials, and prefer manual login or scoped temporary credentials when possible.
Installing an unverified global CLI could run code from outside the skill package.
The skill relies on installing an external global npm package and additional browser components that are not included in the reviewed artifacts. This setup is user-directed and purpose-aligned, but the package provenance is outside this scan.
`npm install -g agent-browser`
`agent-browser install`
Verify the npm package, publisher, and version before installing; consider pinning a known-good version and avoiding global installs where possible.
If the user adds this to cron, browser actions may run repeatedly without a fresh prompt each time.
The skill suggests a cron-compatible script for repeated check-ins. It is disclosed and requires user setup, but it would create recurring browser activity if scheduled.
### 3. Scheduled check-in (with cron) Create the script `~/.openclaw/scripts/daily-checkin.sh`
Only schedule the script if recurring automation is intended, keep the script scoped to one site, avoid storing secrets in it, and remove the cron job when no longer needed.
