Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Browser Automation

v1.0.1

Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from websites, take screenshots, fill forms, click buttons, or interact with web applications.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The described purpose (browser automation) matches the instructions (navigate, act, extract, screenshot). However, the metadata declares no required environment variables or binaries, while the docs and setup.json explicitly ask for ANTHROPIC_API_KEY, optionally Browserbase API keys, Chrome, and npm-installed dependencies. That omission is an incoherence: a legitimate implementation would declare those requirements.
Instruction Scope
SKILL.md/REFERENCE instruct the agent to read .env, use an existing Chrome user profile (.chrome-profile/), save downloads to ./agent/downloads/, and automatically select remote Browserbase mode if BROWSERBASE_* keys exist, with that selection described as 'no user prompting'. Those instructions access and persist potentially sensitive data (cookies, sessions, downloads, API keys) and can send traffic to a remote service. The docs also claim use of an Anthropic/Claude model, which requires an API key. The instructions therefore extend beyond simple page navigation into handling credentials and persistent profiles.
Install Mechanism
The registry shows no install spec (instruction-only), yet setup.json and SKILL.md instruct running `npm install` and `npm link` to create a global 'browser' command. Moreover, the skill references source (src/cli.ts) and npm dependencies, but no code files or package manifest are present in the package. This mismatch is a red flag: either code is missing from the published bundle, or the docs are for an external tool not actually packaged here.
Credentials
The skill metadata lists no required env vars, but setup/docs require ANTHROPIC_API_KEY and optionally BROWSERBASE_API_KEY and BROWSERBASE_PROJECT_ID. These keys are proportionate to using an LLM backend and a remote browser service, but they are not declared in the skill metadata. Additionally, persisting a Chrome profile and downloads can expose sensitive session cookies or downloaded files; that persistence should be explicit in metadata and user warnings.
Persistence & Privilege
The tool is not marked always:true, but the docs intentionally persist .chrome-profile/ and ./agent/downloads/ and recommend preserving session cookies. Persisting profiles and downloads is functionally reasonable for a browser automation tool, but combined with automatic, non-prompted selection of remote mode (if keys are present) and 'stealth' / proxy capabilities in Browserbase mode, this increases the risk surface and should be made explicit to users.
What to consider before installing
Do not install or run the npm commands from this package yet. Key concerns:

(1) The package metadata claims no required env vars or binaries, but the docs and setup.json require ANTHROPIC_API_KEY, optional Browserbase API keys, Chrome, and npm dependencies; this inconsistency suggests the published bundle is incomplete or mislabeled.

(2) The tool preserves a Chrome profile and saves downloads locally (./agent/downloads/), which can retain cookies, active sessions, and downloaded files; consider the privacy implications.

(3) Browserbase/remote mode would send browsing activity and page contents to a remote service if BROWSERBASE_* keys are present; the skill claims it will switch to that mode automatically without prompting.

(4) The docs instruct running `npm install` and `npm link` for a global CLI, but no source/package files are present in the bundle; running these commands from an unknown source could install arbitrary code.

Before proceeding, ask the publisher for: (a) the source repository or a verified release tarball (ideally GitHub or an official domain), (b) a package.json and full source to inspect, (c) corrected registry metadata that lists required env vars and permissions, and (d) details about what Browserbase is, its privacy policy, and where remote traffic is sent.

If you must test: run in an isolated VM/container, do not reuse real browser profiles or credentials, and never expose a real ANTHROPIC_API_KEY or other secrets until you have verified the code and origin.


latest: vk97bbx0w2aszfshcnx06qnq1w180khae
