ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Browser Backup

v1.0.0

A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured co...

0· 111·0 current·3 all-time
by@lorexxar·fork of @thesethrose/agent-browser (0.2.0)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md describes a Rust-based CLI with a Node.js fallback but the skill metadata only declares node/npm as required binaries. The installation instructions reference pnpm and git (and a GitHub repo), and the description implies a Rust component (which would normally suggest a Rust toolchain/cargo). These build/runtime tooling mentions are not reflected in the declared required binaries/metadata and the source/homepage are unknown — this mismatch is unexplained and worth verifying.
Instruction Scope
The instructions are focused on browser automation and list many expected commands (navigate, snapshot, click, fill, screenshot, record, upload, set headers, set credentials, cookies/storage access). That scope is appropriate for a browser automation CLI, but several commands allow access to sensitive artifacts (cookies, localStorage, file uploads, headers, and HTTP basic auth). There are no instructions that directly command reading unrelated system files, but the agent running this CLI could be used to capture or transmit page content or local files — so usage should be restricted and monitored.
Install Mechanism
This is an instruction-only skill (no install spec, no code files). That keeps the platform risk low. However, the SKILL.md suggests running network installs (npm install -g agent-browser, agent-browser install --with-deps) and building from source via git + pnpm; those client-side install steps will fetch remote code and dependencies, so users should verify the upstream package/repo before running them locally.
Credentials
The skill declares no required environment variables or credentials, which is proportionate for a CLI wrapper. However, the CLI supports setting HTTP headers, credentials, and uploading local files at runtime — these capabilities can be used to access or transmit secrets or local data even if no env vars are requested. The metadata also omits pnpm/git/cargo which are referenced by the docs; that omission should be clarified.
Persistence & Privilege
The skill does not request always:true and is user-invocable. The default ability for the agent to invoke the skill autonomously is set to false in the flags? (platform default is allowed) — this is normal. There is no evidence the skill modifies other skills or system-wide configs.
What to consider before installing
This skill is a wrapper for an external CLI and is instruction-only, but there are a few red flags to check before installing or giving it broad access: 1) Verify the upstream package/repo: confirm the npm package owner and inspect the GitHub repository (npm view agent-browser, check repository code and releases). 2) Confirm required tooling: SKILL.md uses pnpm, git and implies Rust — ensure you have the right toolchain and understand what 'agent-browser install --with-deps' will fetch. 3) Run in a sandbox: because the CLI can read cookies, storage, take screenshots, and upload files, run it in an isolated container or throwaway environment until you trust it. 4) Limit agent privileges: avoid letting an autonomous agent use this skill on sensitive sites or local files, and avoid providing secrets/credentials unless absolutely necessary. 5) If you plan to build from source, inspect build scripts for network downloads or native binaries. Resolving the declared vs. documented tooling mismatch (pnpm/git/cargo vs. node/npm) would raise confidence; until then treat the package with caution.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fwd7344v4shd1n3f40cm29d834kdk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binsnode, npm

Comments