Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Browser Local Chrome
v1.1.0Configure and manage local Chrome in debug mode for browser automation with OpenClaw, enabling SSRF whitelist and browser status checks.
⭐ 0· 39·0 current·0 all-time
byLike Liu@liulike
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the implemented actions: scripts start/stop Chrome in CDP mode, configure OpenClaw to attach to the local CDP port, and provide status/troubleshooting tools. There are no unrelated credentials, external downloads, or unexpected network endpoints.
Instruction Scope
SKILL.md and the scripts instruct the agent/user to read and overwrite the user's OpenClaw configuration file (~/.openclaw/openclaw.json or %USERPROFILE%\.openclaw\openclaw.json) and to restart the gateway. This is necessary for the stated goal but is a system-level config change; the scripts also execute system commands (launching Chrome, taskkill/killall) which is expected for start/stop behavior.
Install Mechanism
No remote install or downloads are defined; this is an instruction-and-script skill shipped with source files. Packaging scripts exist but use local system zip/archiver tools—no external code fetches or URL downloads were observed.
Credentials
The skill requests no credentials or env vars, but it directly reads/writes the user's OpenClaw configuration and uses process.env.USERPROFILE (Windows-centric). The most important concern is that configure-browser.js sets ssrfPolicy.dangerouslyAllowPrivateNetwork = true, which intentionally broadens SSRF access to private networks — this is functionally justified by the skill but is a high-impact, security-sensitive change that should be explicitly authorized by the user/administrator.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges, but it does modify a system-level OpenClaw configuration file (global browser/ssrf settings). That modification persists until reverted and affects other OpenClaw browser behavior, so it carries system-wide impact even though it's coherent with the skill's purpose.
Assessment
This skill appears to be what it claims, but it will modify your OpenClaw config to enable 'dangerouslyAllowPrivateNetwork', giving the browser access to internal and private network addresses. Before installing/running: 1) Back up your OpenClaw config (~/.openclaw/openclaw.json or %USERPROFILE%\.openclaw\openclaw.json). 2) Review and confirm you accept enabling private-network SSRF access (consider using hostnameAllowlist instead). 3) Inspect the scripts (they invoke Chrome, call kill/taskkill/killall, and execute openclaw gateway restart instructions). 4) Run them in a trusted environment only and close the debug Chrome when finished. 5) Note cross-platform caveats: configure-browser.js uses USERPROFILE (Windows) and some default chrome paths may not match your system—adjust _meta.json or the scripts as needed.scripts/package.js:85
Shell command execution detected (child_process).
scripts/setup.js:21
Shell command execution detected (child_process).
scripts/simple-package.js:40
Shell command execution detected (child_process).
scripts/start-chrome.js:52
Shell command execution detected (child_process).
scripts/stop-chrome.js:96
Shell command execution detected (child_process).
scripts/troubleshoot.js:72
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97227sa4bxrx9cmvk80f9ec3584t468
License
MIT-0
Free to use, modify, and redistribute. No attribution required.