Win11 Visible Browser Automation
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: win11-visible-browser Version: 1.0.0 The skill bundle enables remote control of a Windows browser from WSL2 via the Chrome DevTools Protocol (CDP) and automates system-level network modifications. Specifically, the PowerShell script 'start-win11-browser-cdp-for-openclaw.ps1' modifies Windows Firewall rules and configures a network portproxy to expose the browser's debugging port. While the implementation includes defensive measures such as restricting firewall access to the WSL subnet and providing detailed safety instructions in 'SKILL.md', the inherent risk of automated host-level security configuration and remote browser manipulation warrants a suspicious classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the personal browser profile is used, the agent may be able to view pages and operate websites as the logged-in user.
CDP access to a personal browser profile can act within already-authenticated sessions, so it is powerful account-level access even though it is disclosed and purpose-aligned.
Use when browser automation should share the user's real visible browser session, existing tabs, cookies, logins, and state
Prefer the dedicated browser profile by default and only use a personal profile after explicit user approval.
Misuse of browser automation could change accounts, submit forms, or make purchases, but the skill tells the agent to ask before doing so.
The skill can drive high-impact browser and system actions, but the instructions explicitly require confirmation and risk/rollback disclosure first.
Before state-changing actions, state what/where/risk/rollback and wait for explicit confirmation. State-changing actions include ... sending forms/messages, purchases, or account actions.
Do not approve state-changing browser, account, payment, firewall, or configuration changes unless the action and rollback are clear.
If the firewall rule were made too broad, other machines could potentially reach the browser control interface.
The script exposes the CDP relay on a Windows listening address and relies on the firewall remote address restriction to keep it limited to WSL/Hyper-V.
netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=$RelayPort connectaddress=127.0.0.1 connectport=$CdpPort ... New-NetFirewallRule ... -RemoteAddress $RemoteCidr
Verify the firewall rule is restricted to the WSL/Hyper-V CIDR and never expose the CDP port to the LAN or Internet.
If a scheduled task is created, browser CDP startup/repair behavior may persist across sessions.
The documentation contemplates an optional startup/repair scheduled task and provides rollback guidance; the included PowerShell script does not create the task itself.
Startup task | `OpenClaw-Start-Windows-Browser-CDP` ... Unregister-ScheduledTask -TaskName 'OpenClaw-Start-Windows-Browser-CDP'
Only create a scheduled task with explicit approval, and remove it with the documented rollback command if it is no longer needed.