Win11 Visible Browser Automation

Pass. Audited by ClawScan on May 11, 2026.

Overview

This skill is coherently documented for visible Windows browser control from WSL2, but it should be treated as powerful access to a logged-in browser and Windows network settings.

Use this only if you need OpenClaw in WSL2 to control a visible Windows browser. Prefer the dedicated browser profile, review the PowerShell script before running it elevated, verify CDP is restricted to WSL/Hyper-V only, and require explicit confirmation before any account, payment, form, firewall, portproxy, configuration, or scheduled-task change.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the personal browser profile is used, the agent may be able to view pages and operate websites as the logged-in user.

Why it was flagged

CDP access to a personal browser profile can act within already-authenticated sessions, so it is powerful account-level access even though it is disclosed and purpose-aligned.

Skill content

Use when browser automation should share the user's real visible browser session, existing tabs, cookies, logins, and state

Recommendation

Prefer the dedicated browser profile by default and only use a personal profile after explicit user approval.

What this means

Misuse of browser automation could change accounts, submit forms, or make purchases, but the skill tells the agent to ask before doing so.

Why it was flagged

The skill can drive high-impact browser and system actions, but the instructions explicitly require confirmation and risk/rollback disclosure first.

Skill content

Before state-changing actions, state what/where/risk/rollback and wait for explicit confirmation. State-changing actions include ... sending forms/messages, purchases, or account actions.

Recommendation

Do not approve state-changing browser, account, payment, firewall, or configuration changes unless the action and rollback are clear.

What this means

If the firewall rule were made too broad, other machines could potentially reach the browser control interface.

Why it was flagged

The script exposes the CDP relay on a Windows listening address and relies on the firewall remote address restriction to keep it limited to WSL/Hyper-V.

Skill content

netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=$RelayPort connectaddress=127.0.0.1 connectport=$CdpPort ... New-NetFirewallRule ... -RemoteAddress $RemoteCidr

Recommendation

Verify the firewall rule is restricted to the WSL/Hyper-V CIDR and never expose the CDP port to the LAN or Internet.

Note, Medium Confidence

ASI10: Rogue Agents

What this means

If a scheduled task is created, browser CDP startup/repair behavior may persist across sessions.

Why it was flagged

The documentation contemplates an optional startup/repair scheduled task and provides rollback guidance; the included PowerShell script does not create the task itself.

Skill content

Startup task | `OpenClaw-Start-Windows-Browser-CDP` ... Unregister-ScheduledTask -TaskName 'OpenClaw-Start-Windows-Browser-CDP'

Recommendation

Only create a scheduled task with explicit approval, and remove it with the documented rollback command if it is no longer needed.