Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ghost Browser
v1.0.4Automated Chrome browser using nodriver for AI agent web tasks. Full CLI control with LLM-optimized commands — text-based interaction, markdown output, sessi...
⭐ 0· 447·0 current·0 all-time
byNeo The Lobster@neothelobster
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description align with what the files implement: a Python-based Chrome automation daemon using nodriver. Required binaries (python3, Chrome/Chromium) and a pip dependency on nodriver are appropriate. However the package shows signs of sloppy packaging: _meta.json version differs from registry metadata, and the repo/source/homepage are unknown — reducing traceability.
Instruction Scope
SKILL.md instructs the agent to use the local ghost-browser CLI for navigation, element interaction, and session save/load. The runtime instructions stay within the stated purpose (browser automation). They do direct the agent to persist and restore sessions (cookies/localStorage), which will store authentication state locally — expected for this functionality but sensitive.
Install Mechanism
The registry declares no install spec, but repository includes setup.sh and requirements.txt that create a venv and pip-install nodriver. That mismatch is an inconsistency. The setup.sh also tries to chmod +x a script path (scripts/ghost-browser) that does not appear in the file manifest (the provided script is scripts/stealth_browser.py), which likely means the packaged setup is broken or mismatched. Because the skill executes local Python and installs packages, you should not run setup scripts without review.
Credentials
No environment variables or external credentials are requested. The code writes state, profiles, logs, cookies and session files into ~/.openclaw/... which is proportional to a browser automation tool but means the skill will store potentially sensitive cookies/auth tokens on disk under the user's account.
Persistence & Privilege
The skill does persist state (profiles, sessions, cookies) to the user's home directory. It is not force-included (always:false) and does not request elevated system privileges, but persistence of session cookies/localStorage increases the sensitivity of what is stored locally and the blast radius if the skill were compromised.
What to consider before installing
This skill mostly does what it says (Chrome automation using nodriver), but there are packaging and install inconsistencies and it will store session cookies and profiles locally. Before installing: 1) Review the full Python script (scripts/stealth_browser.py) for any network endpoints or unexpected behavior you don't trust. 2) Do not run setup.sh blindly — it installs packages and attempts to make a CLI executable but references a non-existent path (scripts/ghost-browser), indicating a broken package. 3) Consider running the skill in an isolated environment (VM/container) or test account to avoid exposing real credentials. 4) If you plan to persist sessions, be aware cookies/localStorage are stored under ~/.openclaw/... and can contain sensitive tokens. 5) Prefer skills with an identifiable source/homepage or official releases; if you need this capability, request a corrected package (matching filenames and a clear install spec) or a signed release from the author.Like a lobster shell, security has layers — review code before you run it.
automationvk9786nb3g6exmyfrkbgxk6j0m181xj7xbrowservk9786nb3g6exmyfrkbgxk6j0m181xj7xcloudflarevk977xkz6qrdv772xcggzapn1c581xs3vlatestvk9786nb3g6exmyfrkbgxk6j0m181xj7xnodrivervk9786nb3g6exmyfrkbgxk6j0m181xj7xscrapingvk977xkz6qrdv772xcggzapn1c581xs3vstealthvk977xkz6qrdv772xcggzapn1c581xs3v
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
👻 Clawdis
Binspython3, google-chrome||chromium||/Applications/Google Chrome.app