Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Google Webmcp

Connect to Google Search and Gemini through the built-in local-mcp Google adapter and one fixed UXC link. Use when the user wants to run Google searches, cha...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes connecting to Google Search and Gemini via a local webmcp bridge and an authenticated browser profile, which is consistent with the skill name. However, the registry metadata claims no required binaries or config paths while the instructions explicitly require 'uxc', 'npx', Playwright browsers, and reference a default profile path (~/.uxc/webmcp-profile/google). Those prerequisites are real and should be declared in the manifest. The skill also delegates to scripts in another skill (webmcp-bridge), which creates a hidden dependency not declared in the registry metadata.
Instruction Scope
Runtime instructions tell the agent to run local CLI commands (google-webmcp-cli), check and bootstrap authentication, open a headed browser session, navigate pages, and download images. These actions are within the stated purpose (operating Google/Gemini through a local adapter) but they operate on a local authenticated browser profile that can contain sensitive tokens/cookies. The SKILL.md includes guardrails (stay on Google hosts, isolate profile) but they are advisory only and not enforced by the skill code.
Install Mechanism
This is instruction-only with small helper scripts included; there is no remote download or install spec. No extract or arbitrary remote code fetch is present in the files provided, which keeps install risk low.
Credentials
The skill requests no environment variables and no explicit config-path permissions in the metadata, yet it expects access to a specific local profile path (~/.uxc/webmcp-profile/google) and requires local binaries (uxc, npx) and Playwright-installed browsers. Access to an authenticated browser profile is sensitive because it could expose cookies, sessions, and other secrets. The manifest should declare these config paths and required binaries to match what the instructions actually use.
Persistence & Privilege
always:false and the agent policy allows implicit invocation (allow_implicit_invocation: true) in agents/openai.yaml. Autonomous invocation is the platform default and is not by itself a red flag. The skill does not request permanent platform-wide privileges or attempt to modify other skills' configs in the files provided.
What to consider before installing
This skill appears to do what it says (drive Google Search and Gemini through a local WebMCP adapter) but the manifest omits real prerequisites and relies on your local authenticated browser profile. Before installing:

  1. Inspect and trust the 'google-webmcp-cli' binary and the referenced webmcp-bridge scripts (they will be executed via the helper scripts).
  2. Only use this skill with an isolated browser profile (do not point it at your primary browser profile with active sessions for other sites).
  3. Ensure 'uxc', 'npx', and Playwright browsers are installed and accept that the skill will open a headed browser session that can access local profile data.
  4. If you need strict guarantees, ask the author to update the manifest to declare required binaries and the config path (~/.uxc/webmcp-profile/google) and to document exactly what the ensure-links helper will change.

Because of the undisclosed prerequisites and access to a local authenticated profile, proceed cautiously.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.1
latestvk97a4jj36yt99q63643cd09gcd83kky9

SKILL.md

Google WebMCP

Use this skill to operate Google Search and Gemini through the built-in --site google bridge preset in @webmcp-bridge/local-mcp.

For generic bridge setup patterns or non-Google sites, switch to $webmcp-bridge.

Prerequisites

  • uxc is installed and available in PATH.
  • npx is installed and available in PATH.
  • Network access to https://www.google.com and https://gemini.google.com.
  • On a fresh machine, or under an isolated HOME, install Playwright browsers first with npx playwright install.
  • Gemini is auth-sensitive. Expect bootstrap_then_attach behavior when the profile is not signed in yet.

Core Workflow

  1. Ensure the fixed Google link exists:
    • command -v google-webmcp-cli
    • if missing or pointed at the wrong profile, run skills/google-webmcp/scripts/ensure-links.sh
  2. Inspect the bridge and tool schema before calling tools:
    • google-webmcp-cli -h
    • google-webmcp-cli search.web -h
    • google-webmcp-cli gemini.chat -h
    • google-webmcp-cli gemini.image.download -h
  3. Check authentication state first when Gemini may need sign-in:
    • google-webmcp-cli bridge.session.status
    • google-webmcp-cli auth.get
    • if the session is not ready, start bootstrap or switch to headed:
      • google-webmcp-cli bridge.session.bootstrap
      • google-webmcp-cli bridge.session.mode.set '{"mode":"headed"}'
      • google-webmcp-cli bridge.open
  4. Use search tools for public search results:
    • google-webmcp-cli search.web '{"query":"playwright browser automation","limit":10}'
    • google-webmcp-cli page.get
  5. Use Gemini through the same authenticated browser profile:
    • text: google-webmcp-cli gemini.chat '{"prompt":"Summarize these results","mode":"text","timeoutMs":180000}'
    • image: google-webmcp-cli gemini.chat '{"prompt":"a watercolor fox reading documentation","mode":"image","timeoutMs":300000}'
    • download current visible images: google-webmcp-cli gemini.image.download '{"limit":4,"timeoutMs":120000}'
  6. Use debug and navigation helpers only when necessary:
    • google-webmcp-cli page.navigate '{"url":"https://gemini.google.com/app"}'
    • google-webmcp-cli page.inspect '{"limit":20}'
  7. Parse JSON output only:
    • success path: .ok == true, consume .data
    • failure path: .ok == false, inspect .error.code and .error.message

Default Target

The built-in preset uses:

--site google

The default profile path is:

~/.uxc/webmcp-profile/google

Refresh the link with:

skills/google-webmcp/scripts/ensure-links.sh

Guardrails

  • Keep the Google profile isolated from other sites.
  • Google uses bootstrap_then_attach; do not expect Gemini tools to work until the managed profile is authenticated.
  • Prefer explicit bridge.session.mode.set over relaunching the command to change runtime mode.
  • Long Gemini generations can legitimately take minutes. Increase timeoutMs instead of spawning parallel retries.
  • gemini.image.download works on visible generated images in the current or target conversation. Do not assume it can recover images that are no longer visible.
  • page.navigate must stay on Google-owned hosts only.
  • If the user closes the visible Google window manually, the headed owner session ends. Run google-webmcp-cli bridge.open again if you still need a visible session on the same profile.
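
The scan above notes that these guardrails are advisory and not enforced by the skill. The following is an added example, not code from the skill or from webmcp-bridge, of a caller-side wrapper that enforces the page.navigate host rule and the .ok/.error JSON contract from step 7 of the Core Workflow. It assumes the two hosts listed under Prerequisites are the full allowlist; the function names and the sample error code are hypothetical.

```python
import json
from urllib.parse import urlsplit

# Assumption: the two hosts named under Prerequisites stand in for
# "Google-owned hosts". Match exactly; never match by suffix or substring.
ALLOWED_HOSTS = {"www.google.com", "gemini.google.com"}


class BridgeError(Exception):
    """Raised when the CLI envelope is malformed or reports .ok == false."""

    def __init__(self, code, message):
        super().__init__(f"{code}: {message}")
        self.code = code


def navigate_argv(url):
    """Return the page.navigate argv only if the URL passes the allowlist."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError(f"refusing non-https URL: {url!r}")
    if parts.username is not None or parts.password is not None:
        # https://gemini.google.com@other.example/ has host other.example
        raise ValueError("refusing URL with embedded userinfo")
    if parts.port not in (None, 443):
        raise ValueError(f"refusing non-default port: {parts.port}")
    # .hostname is lower-cased and excludes userinfo and port
    if parts.hostname not in ALLOWED_HOSTS:
        raise ValueError(f"host not allowlisted: {parts.hostname!r}")
    # Pass the URL as parsed, as one argv element (no shell interpolation)
    payload = json.dumps({"url": parts.geturl()})
    return ["google-webmcp-cli", "page.navigate", payload]


def unwrap(stdout):
    """Apply the step 7 contract: .ok == true yields .data, else raise."""
    try:
        env = json.loads(stdout)
    except json.JSONDecodeError as exc:
        raise BridgeError("invalid_json", str(exc)) from None
    if not isinstance(env, dict):
        raise BridgeError("invalid_envelope", "top level is not an object")
    if env.get("ok") is not True:  # strict: "true" or 1 do not count
        err = env.get("error")
        err = err if isinstance(err, dict) else {}
        raise BridgeError(err.get("code", "unknown"), err.get("message", ""))
    return env.get("data")
```

Hand the returned list to subprocess.run without shell=True, and feed the command's stdout to unwrap before the agent acts on any field.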

References

  • Common command patterns:
    • references/usage-patterns.md
  • Link creation helper:
    • scripts/ensure-links.sh
