Back to skill
Skillv1.0.4
VirusTotal security
Ghost Browser · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:36 AM
- Hash
- c8f5c2d92bb063bb2d85bfa825400baf2c692564abf9305c543983bed2c3e418
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: neo-stealth-browser Version: 1.0.4 The OpenClaw AgentSkills skill bundle 'neo-stealth-browser' is classified as suspicious due to its powerful capabilities that, while intended for legitimate browser automation and anti-bot evasion, pose significant risks if misused. Key indicators include the `eval` command in `scripts/stealth_browser.py` and `SKILL.md`, allowing arbitrary JavaScript execution within the browser context. Additionally, the skill supports downloading files from arbitrary URLs (`_handle_download` in `stealth_browser.py`) and installing/loading Chrome extensions (`cmd_install_extension`, `_handle_load_extension`), which could be exploited to fetch and execute malicious payloads or install compromised browser extensions. While the skill's documentation and code include defensive prompt injection and transparency regarding data storage, these powerful primitives, combined with advanced anti-detection techniques (e.g., mouse event patching, human-like clicks, reCAPTCHA evasion), elevate the risk profile to suspicious, as they could facilitate sophisticated attacks if the agent is compromised or given malicious instructions.
- External report
- View on VirusTotal