Back to skill
Skillv1.0.7
VirusTotal security
Ghost Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:35 AM
- Hash
- eee81f10094b2333451aa879d3afd5be8f90f7dd96fed3d423d424c67293f784
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ghost-browser Version: 1.0.7 The OpenClaw Ghost Browser skill is a powerful browser automation tool that, while transparently disclosing its capabilities, includes several high-risk features. The `scripts/ghost_browser.py` daemon allows arbitrary JavaScript execution (`eval`), file uploads (`upload`), and on macOS, uses `osascript` to automate Chrome extension loading. While these are presented as necessary for browser automation and anti-bot evasion (e.g., patching mouse events, evading reCAPTCHA), the `osascript` primitive, in particular, can interact with the operating system's GUI and execute arbitrary AppleScript, which is a significant capability that could be misused. The skill stores sensitive session data (cookies, localStorage) locally, which is disclosed. There is no evidence of intentional malicious behavior like data exfiltration to external endpoints or unauthorized persistence, but the inherent power of these capabilities warrants a 'suspicious' classification due to the potential for exploitation if the agent or its prompts are compromised.
- External report
- View on VirusTotal