v1.0.0

Fox Camoufox

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:35 AM.

Analysis

This skill does what it says, but it is a stealth browser that can reuse logged-in sessions on protected sites, so it should be reviewed carefully before use.

Guidance: Install only if you specifically need authorized Camoufox-based automation. Use a separate browser profile and preferably a dedicated account, review the setup script before running it, avoid storing sensitive logins, and require explicit confirmation before the agent performs any authenticated or public-facing action.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
Anti-detect browser automation ... bot-detection-heavy sites like X/Twitter, Naver ... stealth browsing with OS/browser fingerprint spoofing, humanized mouse movements, and persistent sessions.

The skill is explicitly designed to evade bot-detection controls and automate protected sites, and it does not define limits or approval gates for what the agent may do once browsing.

User impact: The agent could use stealth browsing to interact with protected services in ways that may put accounts, platform access, or compliance with site rules at risk.
Recommendation: Use only for authorized testing or tasks you are allowed to automate, and require explicit user approval before any login, posting, purchasing, account change, or other high-impact action.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/setup.sh
pip install --upgrade pip
pip install camoufox
...
sudo apt install -y xvfb || true

The user-directed setup installs an unpinned Python package and may install OS packages with sudo, which is purpose-aligned but should be reviewed before running.

User impact: Running setup changes the local environment and trusts the current upstream package contents.
Recommendation: Review the setup script, consider pinning package versions, and run it in an isolated environment if possible.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
scripts/login_session.py
Session will be saved to profile for future automated use.

Manual logins are stored as reusable browser sessions, giving future automation delegated access to the user's logged-in accounts.

User impact: After you log in through this profile, the agent may be able to revisit sites as you without re-entering credentials.
Recommendation: Use a dedicated low-risk account/profile, protect or delete `~/.openclaw/camoufox-profile` when done, and require approval for any authenticated action.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
persistent_context=True,
    user_data_dir='~/.openclaw/camoufox-profile'

The browser profile persists cookies, site state, and potentially sensitive authenticated browsing context across tasks, with no retention or cleanup guidance.

User impact: Private site state can carry over into later automation, causing unexpected logged-in access or reuse of sensitive browsing context.
Recommendation: Create separate profiles per site or task, clear the profile after use, and avoid storing sessions for sensitive accounts unless necessary.