ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Safari Browser Control

v1.0.0

Control Safari on macOS with AppleScript, safaridriver, screenshots, tab navigation, and real-browser read, click, and type workflows.

0· 221·0 current·0 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The declared requirements (osascript, safaridriver, screencapture, and a ~/safari/ config path) directly support AppleScript-based real-session control, screenshots, and WebDriver usage described in the README. No unrelated binaries, cloud credentials, or external services are requested.
Instruction Scope
SKILL.md and the companion documents keep actions narrowly scoped to Safari control: read probes, permission checks, AppleScript snippets, safaridriver usage, screenshot capture, and local memory files. The instructions explicitly require user approval before sensitive actions (activating remote automation, taking screenshots, typing into live tabs) and do not instruct the agent to read or exfiltrate unrelated system data or call external endpoints.
Install Mechanism
This is an instruction-only skill with no install step and no archived downloads or third-party packages. Nothing is written to disk by an installer beyond the local memory files the skill itself suggests creating (~/safari/), which is appropriate for the stated design.
Credentials
No environment variables or external credentials are requested. The only persisted path is ~/safari/, which the skill uses for durable control defaults, permission state, and snippets; this is proportionate to an agent that automates and remembers Safari-related setup and guardrails.
Persistence & Privilege
always:false (good) and user-invocable:true (expected). The agent is allowed to invoke the skill autonomously by default (disable-model-invocation:false), which is normal for skills but means an agent could run osascript/screencapture/safaridriver if the platform and macOS permissions permit. The SKILL.md correctly emphasizes explicit user approval before enabling automation or screen recording; users should be mindful when granting those macOS permissions to the terminal app the agent runs under.
Assessment
This skill is coherent for real Safari control but touches highly sensitive UI/session surfaces. Before installing or enabling it: (1) Only approve Automation (Apple Events) and Screen Recording for terminal apps you trust and only when you explicitly want the agent to control your live Safari session. (2) Prefer using WebDriver mode (safaridriver) for tasks that don't need your actual logged-in tabs or cookies—it's safer and isolated. (3) Review the ~/safari/ files the skill will create; make sure they don't store raw page contents, passwords, or other secrets. (4) Revoke Automation/Screen Recording permissions when you no longer need automation. (5) If you want to prevent any autonomous actions, disable model invocation for the skill or require explicit confirmation in each session.

Like a lobster shell, security has layers — review code before you run it.

latestvk972mrdjw0fwe8qw5hca8dg1qx82v92t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧭 Clawdis
OSmacOS
Binsosascript, safaridriver, screencapture
Config~/safari/

Comments