Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Browser Local
v1.0.0A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured co...
⭐ 0· 111·3 current·7 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (browser automation CLI) align with the declared requirements (node, npm) and the SKILL.md focuses on using an agent-browser CLI. However there are mismatches in metadata: the registry lists slug 'agent-browser-local' and ownerId 'kn789…', while _meta.json claims slug 'agent-browser', ownerId 'kn72…', and a different version (0.2.0 vs registry 1.0.0). Source/homepage fields are 'unknown'/none. These inconsistencies suggest the package may be copied or repackaged and its provenance is not verified.
Instruction Scope
SKILL.md instructions stay within the stated purpose: install the agent-browser CLI and run navigation, snapshot, and interaction commands. The instructions do not ask the agent to read unrelated files or environment variables. One runtime action to note: 'agent-browser install --with-deps' implies the CLI may download or install additional native dependencies when invoked.
Install Mechanism
There is no formal install spec in the skill bundle (instruction-only), which is lower risk for static content. But SKILL.md recommends 'npm install -g agent-browser' and 'agent-browser install[ --with-deps]', which will run external package installs and may trigger npm install-time scripts or download native artifacts. Because the skill bundle doesn't provide a verifiable source/homepage or pinned release URL, the npm install step is a provenance risk.
Credentials
The skill declares no required environment variables or credentials, and SKILL.md does not request secrets or other unrelated system configuration. This is proportional for a CLI wrapper that operates via local browser automation.
Persistence & Privilege
The skill is not marked always:true and uses the platform default for autonomous invocation. It does not request to modify other skills or system-wide config in the provided instructions. No additional persistence or elevated privileges are requested.
What to consider before installing
The skill's commands and required binaries (node/npm) are coherent with a browser-automation CLI, but the package provenance is unclear: registry metadata, _meta.json, and lack of a homepage/source mismatch. If you plan to install or allow an agent to run 'agent-browser install' or run 'npm install -g agent-browser', do the following first: (1) verify the npm package and its publisher on the npmjs.com registry, (2) inspect the package's install scripts and repository (git clone the upstream repo) before running installs, (3) prefer installing in an isolated environment (container or VM) so any native deps or postinstall scripts cannot affect your main system, and (4) avoid running automated agents with permission to execute arbitrary npm/global installs until provenance is confirmed. If you want, I can help look up the npm package, inspect its repository, or suggest safer alternatives.Like a lobster shell, security has layers — review code before you run it.
latestvk9716a4a9wt21s2jvm8pz4r71h8342wx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🌐 Clawdis
Binsnode, npm