Agent Browser Stealth
Security checks across malware telemetry and agentic risk
Overview
This skill is explicitly designed to make automated browser activity harder for websites to detect, including on bot-protected sites and logged-in sessions.
Avoid installing this skill unless you have a legitimate, authorized need to test browser automation against systems you control. Its instructions are specifically aimed at lowering bot-detection signals and preserving logged-in sessions, so using it on third-party services could violate site rules or expose your accounts.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could automate actions on websites in ways designed to avoid detection, which may bypass site security or anti-abuse controls and create account or legal risk.
This shows the skill is not just normal browser automation; it is intended to evade bot and fingerprinting defenses on protected sites.
Use when tasks involve bot-protected websites, anti-fingerprint evasion, captcha-prone flows, login persistence ... automate web actions with lower detection risk.
Do not use this for third-party sites unless you have explicit authorization. Limit any browser automation to user-owned or test environments and require user approval before actions on logged-in accounts.
The agent may operate under the user's logged-in identity and preserve access for later browser sessions.
The skill includes credential-based login automation and persistent session naming, but the metadata declares no credential requirements and the instructions do not bound session storage, retention, or cleanup.
Login flow: agent-browser --session-name account open https://example.com/login agent-browser fill @e1 "$USERNAME" agent-browser fill @e2 "$PASSWORD"
Only use disposable/test accounts where possible, avoid sharing real credentials with the agent, and require clear cleanup of stored sessions.
Installing the package would run software that was not part of this review.
The skill depends on a globally installed, unpinned external package and installer, while the submitted artifact set contains no code files for that package.
pnpm add -g agent-browser-stealth agent-browser install agent-browser --version
Review the external package source and pin a trusted version before installing or running it.