Browser
Malicious
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: browser
Version: 1.0.0
The skill provides a standard headless browser utility using Puppeteer to extract text content from URLs. The code in index.js is straightforward and functional, and the documentation in SKILL.md and README.md accurately describes its purpose without any indicators of malicious intent, data exfiltration, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Opening untrusted web pages through this skill could expose the local runtime to more risk than a sandboxed browser would.
The skill intentionally renders user-provided URLs in a headless browser, and the browser is launched with sandbox protections disabled. This is aligned with the browser-reading purpose, but it reduces containment if a malicious page exploits the browser.
browser = await puppeteer.launch({ args: ['--no-sandbox', '--disable-setuid-sandbox'] });
...
await page.goto(url, { waitUntil: 'networkidle2' });
Use this skill in an isolated environment when browsing untrusted sites, and consider removing the no-sandbox flags if the runtime supports Chromium sandboxing.
Installation may depend on whatever Puppeteer package version is available in the environment, which can affect reliability and supply-chain reviewability.
The skill depends on Puppeteer, but the provided artifacts do not include an install specification, package.json, or lockfile to define the exact package version or installation source.
## Dependencies - `puppeteer`
Prefer a reviewed install spec or pinned package manifest before installing or running the skill in a sensitive environment.
