ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tap

v0.1.2

AI browser automation protocol — run pre-built skills for 41 sites, or forge new ones. MCP native, deterministic, zero AI at runtime.

0· 55·1 current·1 all-time
by@leonting1010
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description, required binary 'tap', and brew install all match a browser-automation tool. No unrelated environment variables or config paths are requested. One note: the skill claims it can publish/post to many sites but does not declare any API credentials — this implies it will act using your active browser sessions (via the extension), which is coherent but important to understand.
!
Instruction Scope
Runtime instructions direct installing a Chrome extension with the 'debugger' permission and using page APIs (click/type/screenshot/fetch). Those capabilities let Tap read and act on the active tab (including logged-in sessions) and could exfiltrate data. The workflow also encourages running community scripts via 'tap install' and forging new taps (inspect/verify/save), which involves executing or persisting JavaScript from external sources into ~/.tap — a real execution/exfiltration vector. The SKILL.md claims the extension only activates when invoked and doesn't request cookies/<all_urls>, but the debugger API can still access page content and CDP-level data; that should be verified in the actual extension manifest and source.
Install Mechanism
Install uses a Homebrew formula from a GitHub tap and points to GitHub Releases — both standard distribution paths (moderate risk). The build-from-source path uses 'deno compile' with broad flags (--allow-read/write/net/env/run) which, if performed blindly, grants the build step wide host access; review source and CI if you intend to build locally. No arbitrary HTTP download from obscure hosts is instructed.
Credentials
No environment variables or external credentials are requested, which is consistent if Tap operates via the browser session. That means actions like posting will use whatever accounts are logged into your browser — a permission model shift versus API-key-based tools. The absence of declared credentials is coherent but increases risk because browser sessions contain sensitive auth state.
!
Persistence & Privilege
always:false (good), but the skill is meant to be registered as an MCP server entry so the agent can invoke it autonomously. Combined with the extension's debugger privilege and the ability to install/execute community taps, this gives an autonomous agent a large blast radius (it could drive your browser and act as your logged-in user). The skill does persist user-forged taps under ~/.tap, which is expected, but any community taps should be reviewed before execution.
What to consider before installing
This tool is coherent for browser automation but comes with real privileges: the Chrome extension's debugger permission lets Tap read and control active tabs (including logged-in accounts), and 'tap install' can bring in and run community JavaScript stored under ~/.tap. Before installing: (1) inspect the GitHub repo, the Homebrew formula, and the extension manifest and source to confirm the debugger usage and no hidden permissions; (2) review community taps before running them; (3) if possible run Tap in an isolated browser/profile without sensitive logins or sync enabled; (4) prefer building from source after auditing code or verifying the release build provenance in CI; (5) avoid enabling autonomous invocation unless you accept that an agent could drive your browser using your active sessions. Proceed only if you are comfortable with those risks or can sandbox the browser environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk979jadzw6mywb9pkteg2cbzn983wt5m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🪶 Clawdis
Binstap

Install

Homebrew
Bins: tap
brew install LeonTing1010/tap/tap

Comments