Skillv1.0.0

ClawScan security

Chrome Extension Relay Helper - Mac · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 1, 2026, 4:14 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and instructions are consistent with its stated purpose (attaching a Chrome relay extension on macOS); it performs intrusive but explained actions (killing Chrome, patching Chrome preferences, taking a debug screenshot) which are justified by the described workflow.
Guidance: This skill appears to do exactly what it says, but it performs intrusive actions that you should accept knowingly: it will kill any running Chrome processes (pkill -9), modify your Chrome Default Preferences file to suppress restore prompts, and write debug screenshots to ~/.openclaw/media. Before using it: (1) back up your Chrome profile (~/Library/Application Support/Google/Chrome) if you have unsaved tabs or important state, (2) inspect the brew tap/package before installing Peekaboo, (3) confirm you are comfortable granting Accessibility permission to your node binary (required so Peekaboo can send clicks), (4) ensure the OpenClaw extension is loaded and pinned at ~/.openclaw/browser/chrome-extension as documented, and (5) run the script manually the first time so you can observe its behavior (it is not auto-installed). If any of these operations are unacceptable (killing Chrome or modifying preferences), do not install or run the skill.

Review Dimensions

Purpose & Capability: okThe name/description match the included script and instructions: the skill locates and clicks the OpenClaw Relay extension icon via the macOS accessibility tree so the browser(profile="chrome") relay can be attached. Required tools (Peekaboo) and the node Accessibility permission are explained and reasonably related to the task.
Instruction Scope: noteThe instructions and script do several system-level things that are explicitly documented: kill Chrome (pkill -9), patch ~/Library/Application Support/Google/Chrome/Default/Preferences to suppress restore dialogs, open and maximize Chrome, inspect the accessibility tree, click the extension icon, and save a debug screenshot to ~/.openclaw/media. All of these are within the skill's stated goal, but they are intrusive operations that affect the user's Chrome state and could cause data loss if unsaved tabs/windows exist.
Install Mechanism: okThis is an instruction-only skill with a shell script; no install spec is run by the skill itself. The README suggests installing Peekaboo via a Homebrew tap (steipete/tap/peekaboo). Using a third-party Homebrew tap is an explicit user instruction and not executed automatically by the skill; users should audit that tap before installing, but the install suggestion is coherent with the documented dependency.
Credentials: noteThe skill requests no secrets or environment variables. It does require granting Accessibility permission to the node binary (to allow Peekaboo to send UI events), and it reads/writes the Chrome Preferences JSON and writes diagnostic screenshots to ~/.openclaw/media. Those accesses are proportionate to the task but touch sensitive browser state (Preferences) and user files, so users should be aware and back up Chrome state if needed.
Persistence & Privilege: okThe skill is not always-enabled and does not request persistent platform privileges. It does not modify other skills or system configurations beyond the documented per-user Chrome Preferences patch and writing to ~/.openclaw/media; those changes are self-contained and described in the SKILL.md.