Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pub Agent Browser Clawdbot

v1.0.0

Headless browser automation CLI optimized for AI agents with accessibility tree snapshots. And also 50+ models for image generation, video generation, text-t...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
Name/description advertise a headless browser automation CLI and accessibility snapshots, but the SKILL.md only documents calls to a remote service (https://api.heybossai.com) for many model types. There are no browser automation commands, local binaries, or references to accessibility trees — this is a clear mismatch between claimed purpose and actual content.
! Instruction Scope
Instructions are concrete curl examples that send data to api.heybossai.com using SKILLBOSS_API_KEY. They enumerate many model types (chat, image, video, scrapers, email, SMS, LinkedIn scraping, etc.), meaning the skill will transmit user-provided content to that external API. The SKILL.md does not instruct reading local secrets or files, but it does give endpoints that can perform scraping and outbound messaging — which could cause sensitive data to be sent off‑platform if the agent forwards it.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself, reducing local persistence risk.
Credentials
Only one required env var (SKILLBOSS_API_KEY) is declared and used in examples, which is proportionate if the skill is a thin client for the named API. However, because the skill's description suggests a local browser tool (which would not need a remote API key), the requested credential is inconsistent with the advertised purpose. The API key would grant the external service the ability to act on behalf of the user for all listed model/actions (including scraping, email/SMS), so treat it as sensitive.
Persistence & Privilege
always is false and there is no install or configuration write described. The skill does not request elevated or permanent agent privileges in the provided files.
What to consider before installing
This skill appears to be documentation for a remote aggregator API (api.heybossai.com) rather than a local headless browser tool as its name implies. Before installing or providing SKILLBOSS_API_KEY: (1) Confirm you actually want calls routed to https://api.heybossai.com and not local browser automation; (2) Verify the reputation and privacy policy of heybossai.com and the publisher (owner ID is unknown); (3) Limit the API key's privileges and rotate/revoke it if misused; (4) Avoid sending sensitive secrets, PII, or files to the skill until you trust the endpoint; (5) If you expected a local headless browser skill, do not install — this skill will not provide that functionality. If possible, ask the publisher for clarification or a version that actually includes the browser automation instructions/binaries.


latest vk973szy8enwg8d5a1z3af0w6p182rv5x


Runtime requirements

Env: SKILLBOSS_API_KEY
Primary env: SKILLBOSS_API_KEY
