Skill v1.0.0

ClawScan security

Browser Setup (No-Root Linux) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 3:23 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and instructions are consistent with its stated purpose (installing Chrome in a no-root Linux environment); it downloads Chrome and supporting .deb packages into the user's home, creates a wrapper, and does not request credentials or system-wide privileged changes.
Guidance
This skill appears to do what it says: extract Chrome and supporting libraries into your home and create a wrapper for headless use. Before running it: (1) inspect the script yourself (it is included) and run it in a safe/test environment first; (2) be aware the wrapper/usage recommends --no-sandbox (necessary without root but weakens isolation) and starts Chrome with remote debugging — ensure the debugging port is not exposed to untrusted networks; (3) apt-get download will fetch .debs from your system's APT sources, so verify your apt sources are trusted; (4) if you need stronger assurance, replace the dl.google.com download with a pinned checksum or a signed release you verify, and run the script under a user account/container without sensitive data.

Review Dimensions

Purpose & Capability
ok: The name and description match the actual behavior: the SKILL.md and script download Google Chrome, extract .deb packages, copy shared libraries and fonts into ~/local-libs and ~/.fonts, and create a wrapper. Nothing the skill requires is unexpected for this task, and it needs no env vars or external credentials.
Instruction Scope
note: The SKILL.md instructs the agent to run the included install script and to start Chrome with --remote-debugging-port and --no-sandbox. These are expected for unprivileged container usage, but --no-sandbox reduces process isolation and remote debugging opens a CDP port that could be exposed if the host/container network is misconfigured. The instructions reference only user-home paths and OpenClaw config files; they do not request unrelated system credentials or perform hidden data exfiltration.
Install Mechanism
ok: This is an instruction-only skill with a shipped script. The script downloads Chrome from the official dl.google.com URL and uses apt-get download to fetch dependency .debs, then extracts them into user directories using dpkg-deb -x. This approach is coherent for no-root installs. Note: apt-get download uses the system's configured APT sources (mirror integrity depends on the system's apt configuration).
Credentials
ok: No credentials, secrets, or system config paths are requested. The script writes files to the user's HOME only (~/chrome-install, ~/local-libs, ~/.fonts, ~/.config/fontconfig), which is proportionate to the task.
Persistence & Privilege
ok: The skill does not request permanent platform privileges or always:true. It creates files under the invoking user's home and a wrapper script; this is expected for a local install tool and does not modify other skills or global agent settings.