Brave Browser

Pass. Audited by ClawScan on May 1, 2026.

Overview

This instruction-only Brave Browser skill is coherent and safety-oriented, with sensitive browser operations tied to explicit user approval and scoped local memory.

This skill appears safe to install if you want help operating Brave. Before approving actions, confirm the target profile, avoid using your daily logged-in profile for testing, approve remote debugging only temporarily, and do not store secrets, seed phrases, or detailed browsing history in ~/brave/.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If remote debugging is enabled carelessly, a tool or agent could inspect or control browser tabs and session state.

Why it was flagged

Remote debugging can permit observation or control of the browser, but the artifact explicitly gates it on user approval and recommends scoped profiles and duration limits.

Skill content

Enable remote debugging only when the user explicitly approves it. Before enabling: ... choose a dedicated test or automation profile ... define how long the port should stay open ... verify whether the task needs observation only or active control

Recommendation

Only approve remote debugging for a specific task, prefer a disposable or automation profile, and turn it off when finished.

What this means

Browser profile changes can affect logged-in accounts, saved sessions, synced settings, or wallet-related permissions.

Why it was flagged

The skill may interact with account sessions, cookies, sync, and wallet-adjacent browser state, which are sensitive identity and privilege boundaries; the artifact also clearly requires approval.

Skill content

Ask for explicit approval before enabling remote debugging, clearing profile data, importing wallet or sync state, changing global Shields defaults, or opening multiple sensitive sites. Treat login sessions, cookies, private windows, sync, and wallet data as user-sensitive state.

Recommendation

Confirm the exact profile and account scope before approving changes, and never provide seed phrases or unrelated credentials.

What this means

Stored profile notes, site fixes, or automation defaults could shape future troubleshooting and browser changes.

Why it was flagged

The skill creates persistent local context that may be reused in later Brave tasks; this is purpose-aligned but can influence future actions if inaccurate or overly broad.

Skill content

Keep only durable Brave operating context in `~/brave/`: approved profiles ... known site fixes ... allowed automation posture, remote-debugging defaults, and no-go actions

Recommendation

Allow persistence only if useful, keep it limited to operational preferences, and review or delete ~/brave/ entries that are outdated or sensitive.

Note: High Confidence

ASI08: Cascading Failures

What this means

A local extension, startup page, or default-setting change could affect other synced Brave installations.

Why it was flagged

Browser changes can propagate through Brave Sync to other devices, but the artifact explicitly calls out the risk and requires confirmation.

Skill content

Sync can spread changes across devices. Before changing extension state, startup pages, or browser defaults, confirm whether Brave Sync is active and whether the user wants those changes to propagate.

Recommendation

Check whether Sync is active before approving browser-default or extension changes, and prefer reversible per-profile changes.