browserbase-sessions
Warn
Audited by ClawScan on May 10, 2026.
Overview
This is a powerful Browserbase automation skill with disclosed logged-in browser persistence, but it also includes an under-disclosed ChatGPT/Suno automation helper and default CAPTCHA, recording, and persistence features that warrant careful review.
Install only if you intentionally need powerful Browserbase automation for authorized sites. Use separate workspaces for each site, disable recording/logging or CAPTCHA solving when inappropriate, avoid sensitive accounts unless necessary, share live-control links privately, and do not run the included dedication automation script unless you specifically trust and need it.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could interact with authenticated websites or protected pages, and mistakes could change account data or violate site rules.
This gives the agent broad control over logged-in browser sessions and CAPTCHA-protected flows, which is high-impact unless tightly scoped by the user.
preserve authentication (cookies, local storage) across interactions, automatically solve CAPTCHAs, and record sessions for later review
Use only on sites where you are authorized to automate, require explicit approval before purchases/posts/account changes, and disable CAPTCHA solving when it is not appropriate.
Installing the skill brings along an extra automation path that may operate on third-party logged-in accounts if run.
The included runnable helper automates a specific ChatGPT/Suno song workflow using logged-in browser contexts, which is not disclosed by the skill name, description, or main Browserbase session-management command surface.
node scripts/dedication_automation.mjs --dedication "<what to say>" ... --chatgpt-url Custom GPT URL for Suno Hitmaker ... --context-id Browserbase context id with ChatGPT + Suno logged in
Do not run the dedication script unless you intentionally want that workflow; maintainers should remove it or document it clearly as an optional example.
Logged-in sessions, browsing history, and page activity may remain available in Browserbase contexts, recordings, logs, or local workspace state.
The skill stores and reuses sensitive browser state and records/logs browsing activity by default, which can retain private account data beyond the immediate task.
Persist authentication across sessions using Contexts (cookies, local storage, session storage are saved and restored automatically) ... Recording ON by default ... Logging ON by default
Use separate workspaces per site, disable recording/logging for sensitive work, stop sessions after use, and delete Browserbase contexts you no longer need.
Anyone with the API key may be able to use the user's Browserbase project and associated browser sessions.
The Browserbase credential use is expected for the integration, but the key grants access to create and manage cloud browser sessions in the user's project.
If BROWSERBASE_API_KEY or BROWSERBASE_PROJECT_ID is missing, ask the user for them
Store the API key in environment/config rather than public chat, scope it if possible, and rotate it if exposed.
Someone who receives the live-control link may be able to view or control the cloud browser session.
Live remote-control URLs are purpose-aligned for handoff, but they can expose a logged-in browser session if shared in the wrong place.
Whenever a browser is opened ... immediately share the human remote-control link ... human_handoff.share_url
Share live-control links only in private trusted channels and terminate sessions when handoff is complete.
Running setup may download and install packages/browsers on the user's machine.
The skill can install Python dependencies and Playwright Chromium as part of setup; this is central to the browser automation purpose but modifies the local environment.
If commands fail due to missing Python deps ... run: python3 {baseDir}/scripts/browserbase_manager.py install
Run setup in a virtual environment or controlled workspace and review scripts/requirements.txt before installing.
