ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Remote Chrome CDP

v1.0.0

Control Chrome/Chromium via CDP (Chrome DevTools Protocol) — open tabs, navigate URLs, take screenshots, execute JS. Supports local and remote machines via S...

1· 126·0 current·0 all-time
byNoé Rivera@noestelar
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the content of SKILL.md: instructions and examples all focus on enabling Chrome's remote debugging port, connecting to it (locally or via SSH tunnel), and issuing CDP commands (including a Python WebSocket example). The skill requires no unrelated binaries or credentials.
Instruction Scope
Instructions stay within the stated purpose, but they explicitly recommend logging into a Google account or using a real profile to enable sync/shortcuts. That is functional for the feature but increases the danger surface because CDP access to a profile can expose cookies, stored credentials, extensions, and browsing data. The document also advises SSH tunneling (correct) — forward the port only to trusted endpoints.
Install Mechanism
This is instruction-only with no install spec or downloads — lowest install risk. The only third-party dependency mentioned is 'websocket-client' (pip), which is reasonable for the provided Python example.
Credentials
No environment variables, credentials, or config paths are required by the skill metadata. The SKILL.md does instruct creating a user-data-dir under the user's home, which is expected and proportional to the goal.
Persistence & Privilege
Skill is not always-enabled and allows normal user invocation; it does not request or change other skills' configurations or system-wide settings. The Raycast script example will start Chrome when invoked, which is reasonable and scoped to the user's environment.
Assessment
This skill appears to do what it says, but be careful: enabling Chrome's remote debugging port gives full programmatic control of the browser (navigate pages, run JS, read DOM, access cookies/localStorage and extensions). Before using: (1) Prefer a dedicated profile (--user-data-dir) that does NOT contain your primary logged-in profile or saved credentials unless you understand the risk; (2) never expose the remote-debugging port to the public internet — use an SSH tunnel or secure mesh (Tailscale) and only to/from trusted hosts; (3) protect SSH access with strong keys and limit forwarding; (4) remove or kill tunnels when done and ensure Chrome is launched with the intended profile; (5) review commands/scripts (pkill, ssh, etc.) before running; (6) consider using ephemeral or sandboxed environments if you will connect this to untrusted code. The skill itself requests no secrets, but CDP access can be used to exfiltrate sensitive browser data, so treat the capability as highly privileged.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fhgkq0z4w5jc4767fyjr9158397sb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments