Agent Browser Qw
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a legitimate browser automation wrapper, but it exposes browser cookies, localStorage, and credentials without clear scope or safeguards.
Install only if you need agent-driven browser automation. Verify the external agent-browser package first, use a separate browser profile or test account, and do not allow the agent to access cookies, storage, credentials, uploads, or live account actions without explicit approval.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could read or alter session data for sites opened in the automated browser, which may affect logged-in accounts.
These commands can expose or modify browser session state that may contain authentication cookies, tokens, or account data, and the artifact does not define which domains/profiles are in scope or require confirmation before use.
    agent-browser cookies                  # Get all cookies
    agent-browser cookies set name value   # Set cookie
    agent-browser cookies clear            # Clear cookies
    agent-browser storage local            # Get all localStorage
Use an isolated browser profile or test account, avoid sensitive logged-in sessions, and require explicit user approval before cookie, storage, credential, or header commands.
Poorly scoped tasks could cause unwanted clicks, submissions, or file uploads on websites.
The skill exposes browser actions that can submit forms or upload user-selected files. This is aligned with browser automation, but it can have real effects on websites if used on live accounts.
    agent-browser click @e1             # Click
    agent-browser fill @e2 "text"       # Clear and type
    agent-browser upload @e1 file.pdf   # Upload files
Supervise use on important accounts, prefer test environments, and confirm before submissions, purchases, posts, or uploads.
The safety of the installed CLI depends on the external package and its current dependency chain, not just this skill file.
The skill is instruction-only and relies on installing an external, unpinned npm CLI and its browser dependencies, so the actual executable code is not present in the reviewed artifact set.
    npm install -g agent-browser
    agent-browser install
    agent-browser install --with-deps
Verify the npm package and upstream repository, consider pinning a known-good version, and install in a controlled environment.
