Babata Browser v3.0

Pass

Audited by ClawScan on May 11, 2026.

Overview

This is a coherent Playwright browser automation helper, but it can control live webpages, run page JavaScript, fill forms, and take screenshots, so users should use it only for intended browsing tasks.

This skill appears purpose-aligned for browser automation. Before installing, use a Python virtual environment, be cautious with the Playwright/Chromium install step, avoid entering real credentials or sensitive data, confirm before the agent submits forms or changes account data, and consider running it in an isolated environment because Chromium is launched with sandboxing disabled.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may be able to interact with webpages on your behalf, including submitting forms or triggering site actions.

Why it was flagged

The skill openly exposes browser actions that can click, submit, fill forms, and run JavaScript in the page context. This is aligned with browser automation, but it can affect live websites if used carelessly.

Skill content
| `click(text=, sel=)` | Click by text or CSS | Pagination, submit, nav |
...
| `fill(sel, val)` | Fill input | Search box, login form |
...
| `execute_js(code)` | Run JS | Element scan, smart wait |

Recommendation

Use it for clearly scoped browsing tasks, and require explicit confirmation before submissions, purchases, account changes, or other irreversible actions.

What this means

If a malicious webpage exploits the browser, the lack of sandboxing could increase the impact on the local environment.

Why it was flagged

The browser is launched with Chromium's sandbox disabled. That may be intended for automation compatibility, but it reduces isolation when loading untrusted webpages.

Skill content
self.browser = self.playwright.chromium.launch(
    headless=self.headless,
    args=['--no-sandbox', '--disable-dev-shm-usage']
)

Recommendation

Prefer running this skill in a container or other isolated environment, and remove `--no-sandbox` when it is not required.

What this means

Sensitive values entered into forms may be repeated back into the conversation or logging context.

Why it was flagged

The generic form-fill helper echoes the filled value back in its return message. If used with passwords, tokens, or personal data, that data could appear in agent output or logs.

Skill content
def fill(self, page, selector, value):
    ...
    el.fill(value)
    return f"Filled {selector} with: {value[:50]}"

Recommendation

Do not use the generic fill helper for secrets, or modify it to redact values before returning status messages.

What this means

Installing the skill may add Python packages and a browser runtime to the local environment.

Why it was flagged

The documented setup installs Playwright and a Chromium browser binary through user-run commands. This is expected for Playwright automation, but it is external installation activity not represented by an install spec.

Skill content
pip install playwright && python -m playwright install chromium
cd skills/babata-browser && pip install -e .

Recommendation

Install in a virtual environment and review package sources before running the setup commands.