Playwright (scripts) + npx

Malicious

Audited by static analysis on May 10, 2026.

Overview

Detected: malicious.stealth_browser_abuse, suspicious.dynamic_code_execution

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A script can click buttons, fill fields, scrape pages, or submit forms on sites the browser can access.

Why it was flagged

The skill intentionally grants broad browser automation capability, including actions that could submit forms or interact with websites.

Skill content
Use for web scraping, screenshots, form automation, and any browser task requiring programmatic control.
Recommendation

Review scripts before running them, especially on logged-in sites or when a script will submit forms, upload files, purchase items, or change account settings.

What this means

If the saved session file is exposed, copied, or committed, someone or another script may be able to reuse the logged-in browser session.

Why it was flagged

The example saves and reloads browser authentication/session state, which can allow future browser runs to act as the logged-in user.

Skill content
const SESSION_FILE = 'tmp/session.json'; ... context = await browser.newContext({ storageState: SESSION_FILE }); ... await context.storageState({ path: SESSION_FILE });
Recommendation

Keep session files private, do not commit them, delete them when no longer needed, and consider using a dedicated test account for automation.

What this means

The installed package and browser binaries become part of the local execution environment.

Why it was flagged

The setup instructs the user to install Playwright and browser binaries from external package/tooling sources; this is expected for Playwright but depends on package provenance and version resolution.

Skill content
npm install playwright
npx playwright install chromium
Recommendation

Install in a project or sandbox you trust, use a lockfile or pinned version for repeatability, and follow normal npm supply-chain hygiene.

Findings (3)

critical

malicious.stealth_browser_abuse

Location
SKILL.md:19
Finding
Browser automation advertises stealth/anti-detection behavior with bot-protection bypass and persistent sessions.

critical

suspicious.dynamic_code_execution

Location
examples/scrape.mjs:19
Finding
Dynamic code execution detected.

critical

suspicious.dynamic_code_execution

Location
scripts/scrape-template.mjs:33
Finding
Dynamic code execution detected.