Back to skill
Skillv1.0.0
VirusTotal security
Stealth Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:15 AM
- Hash
- b71b9e9f892e90f1e32a1c78353188fcf80e666bf5cad9bf3acc51520fbdd8cc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: stealth-browser Version: 1.0.0 This skill is classified as suspicious due to its inherent high-risk capabilities and broad permissions granted to the AI agent. It is designed for 'stealth browser automation' with 'anti-detection,' 'Cloudflare bypass,' 'CAPTCHA solving,' and 'persistent sessions.' While these align with its stated purpose, the skill instructs the agent to automatically save sensitive login sessions (cookies, localStorage) to `~/.clawdbot/browser-sessions/` after a user logs into a website, without explicit per-login confirmation. It also handles CAPTCHA API keys and proxy credentials stored in `~/.clawdbot/secrets/` and uses `subprocess.run` in `scripts/task_runner.py`, which, while currently used for task management, represents a powerful capability. There is no clear evidence of intentional malicious behavior like unauthorized data exfiltration, but the nature of the operations and the automatic handling of sensitive data warrant a 'suspicious' classification.
- External report
- View on VirusTotal