Back to skill
Skillv1.0.0
VirusTotal security
Agent Browser Qw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:17 AM
- Hash
- edb500bc4901ada24d536e3ca52af2544c9df93e12f97dd7dbceefa105ed9e13
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-browser-qw Version: 1.0.0 The skill bundle provides a wrapper for the 'agent-browser' CLI, exposing high-risk capabilities in SKILL.md such as arbitrary JavaScript execution ('eval'), session state persistence ('state save'), and direct access to sensitive browser data including cookies and local storage. While these features are aligned with the stated purpose of browser automation, they represent a significant attack surface for data exfiltration and session hijacking if the AI agent is misdirected. The installation instructions also involve global npm installs and system-level dependency management, which are high-risk operations.
- External report
- View on VirusTotal