ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ghost Browser

v1.0.7

Automated Chrome browser using nodriver for AI agent web tasks. Full CLI control with LLM-optimized commands — text-based interaction, markdown output, sessi...

1· 728·4 current·5 all-time
byNeo The Lobster@neothelobster
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (python3 + Chrome/Chromium), the nodriver requirement in requirements.txt, the CLI wrapper, Python daemon, and a small extension to patch pointer events all align with an automated Chrome/browser-control skill.
Instruction Scope
Runtime instructions direct the agent to run the ghost-browser CLI for navigation, element inspection, form fill, session save/load, page reading, screenshots, file download/upload, and JS eval. Those actions are expected for browser automation, but the skill will read and write persistent state (profiles, sessions, cookies) under the user's home directory (~/.openclaw/.../ghost-browser/state) and exposes an eval command (arbitrary JS execution) and download/upload functionality — capabilities that are powerful and should be used only for trusted pages/tasks.
Install Mechanism
No centralized install spec, but setup.sh creates a local Python venv under the skill directory and installs nodriver from PyPI (requirements.txt). This is a normal install method for Python tools but does pull code from the public package index (pip). There are no suspicious remote downloads or URL shorteners in the provided files.
Credentials
The skill does not request external environment variables or unrelated credentials. It stores profiles, session files, and logs under a workspace directory in the user's home — expected for a browser that saves cookies and localStorage, but those stored session artifacts can contain sensitive authentication tokens.
Persistence & Privilege
The skill creates a local virtual environment, an executable CLI wrapper, and persistent state files under the user's home directory. It is not marked always:true and does not modify other skills; persistent state and executable creation are expected for this kind of tool but represent lasting changes on the host.
Assessment
This skill is coherent for browser automation, but review and accept these trade-offs before installing: it will create a .venv and write state, profiles, sessions, cookies, and logs under ~/.openclaw/.../ghost-browser/state — session files may contain sensitive auth tokens, so avoid saving secrets there. The setup script installs nodriver from PyPI (ensure you trust that package/version). The daemon exposes commands for arbitrary JS eval, download/upload, and network logging; only navigate it to trusted pages and consider running the skill in an isolated environment (container or VM) if you have sensitive data on the host. If you want extra assurance, inspect scripts/ghost_browser.py and extensions content, and run setup.sh manually to review pip install output before use.

Like a lobster shell, security has layers — review code before you run it.

automationvk97bddcp1avs7kvzartyy2ahyx81xh7pbrowservk97bddcp1avs7kvzartyy2ahyx81xh7platestvk97fteftfnz1dja92hthev4p6n825155nodrivervk97bddcp1avs7kvzartyy2ahyx81xh7p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

👻 Clawdis
Binspython3, google-chrome||chromium||/Applications/Google Chrome.app

Comments