Back to skill
Skillv0.1.0
VirusTotal security
Chrome Mcp · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:26 AM
- Hash
- 54ccddae4911531ed7476ad06371bd9f9b69b4354a05959ac2e421116ab19450
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: chrome-mcp Version: 0.1.0 The skill bundle provides tools for an AI agent to control a local, authenticated Chrome browser session, including capabilities for arbitrary JavaScript execution via 'chrome__evaluate' and instructions for destructive actions like deleting social media posts in SKILL.md. While these features are consistent with the stated purpose of browser automation, the ability to manipulate a user's live, logged-in web environment represents a high-risk capability that could be leveraged for unauthorized actions if the agent is misdirected. The reliance on a local fallback script (~/.claude/skills/chrome-cdp/scripts/cdp.mjs) also assumes a specific, potentially sensitive environment.
- External report
- View on VirusTotal