Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fox Chrome Devtools Mcp
v1.0.0
Chrome DevTools MCP — Google's official browser automation and testing server. Control Chrome via Puppeteer through MCP protocol: click, fill forms, navigate...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (MCP control of Chrome) match the instructions and included script: Node/npm usage, optional Chrome/Chromium, and an OpenClaw MCP server config. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md only instructs installing/running the chrome-devtools-mcp npm package via npx and adding an MCP entry to openclaw.json. The supplied Python script performs expected checks (node, npx, Chrome paths, openclaw.json) and offers a test start; it does not read or transmit unrelated secrets or contact unknown endpoints beyond npm/npx/Chrome (expected for this tool).
Install Mechanism
There is no formal install spec in the package; instructions use npx -y chrome-devtools-mcp@latest which will fetch and execute code from the npm registry at runtime. That is expected for this kind of integration but represents the usual supply-chain risk of running code fetched from npm and of using the unpinned "latest" tag.
Credentials
The skill declares no required environment variables, no credentials, and checks only reasonable local paths (Chrome and a Playwright cache path). It does read ~/.openclaw/openclaw.json to look for existing config, which is relevant to its purpose.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and only suggests adding an MCP server entry to the agent config (it prints the config but does not write to global settings). Autonomous invocation is allowed (platform default) but is not combined with other high-risk factors here.
Assessment
This skill appears to be what it claims: an integration for controlling Chrome via the chrome-devtools-mcp npm package. Before installing, consider: (1) npx -y chrome-devtools-mcp@latest will fetch and run code from the npm registry — pin a specific, audited version instead of relying on 'latest' to reduce supply-chain risk; (2) run the MCP server in a sandboxed environment (container/VM) if you'll be browsing untrusted sites or handling sensitive data, since browser sessions can expose form data and credentials; (3) disable telemetry/performance CrUX flags as shown if you don't want traces or usage stats sent externally; and (4) review your openclaw.json after adding the MCP entry. No unexplained credential or file access was found in the provided files.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🌐 Clawdis
