Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pub Agent Browser
v1.0.0A fast headless browser automation CLI that enables AI agents to navigate, click, type, and snapshot pages. And also 50+ models for image generation, video g...
⭐ 0· 191·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Name/description advertise a 'fast headless browser automation CLI' but SKILL.md contains only curl examples and model/API documentation for https://api.heybossai.com/v1 (many models). There are no browser automation commands, binaries, or local tooling described. The declared SKILLBOSS_API_KEY is consistent with the docs but not with the advertised local/browser automation purpose — this is a clear mismatch.
Instruction Scope
Runtime instructions tell the agent to call an external API (api.heybossai.com) for chat, image/video/tts/stt, scraping, email, SMS, document parsing, storage, etc. The agent is guided to upload data (audio, images, documents, base64 audio) and download results. While the skill does not instruct reading local secrets or arbitrary files explicitly, it enables sending potentially sensitive content to a third party. No instructions implement local headless browser automation despite the skill name.
Install Mechanism
No install spec and no code files — this is instruction-only, so nothing is written to disk by the skill itself. That reduces installation risk. The primary remaining risk is network I/O to the external API.
Credentials
The skill requests a single env var, SKILLBOSS_API_KEY, which is appropriate for an API-based skill. However, that single key grants broad capabilities (access to 50+ models, email/SMS/send, storage, document parsing, scraping). Given the mismatch between the advertised browser purpose and the API functionality, the breadth of operations that the key enables is disproportionate to what a user might expect from a 'browser' skill and could permit data exfiltration or actions the user did not intend.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent presence or system-wide configuration changes. Autonomous invocation is allowed by default (disable-model-invocation is false) which is normal; this combination is not itself an added red flag.
What to consider before installing
This skill is suspicious because its name/description promise a headless browser CLI but the SKILL.md is actually documentation for a third‑party multi‑model API (api.heybossai.com) and requires an API key. Before installing: 1) Verify the skill's source and reputation (there's no homepage or repo). 2) Ask the publisher why the browser functionality is missing and whether any local browser automation will run (right now it will only call a remote API). 3) Treat the SKILLBOSS_API_KEY like a powerful credential — do not supply it if you would be sending sensitive files, credentials, or private data to an untrusted third party. 4) If you need local headless browser automation, prefer a skill that documents local binaries (puppeteer/playwright) or provides clear install steps and code. 5) Consider testing with a scoped/limited API key or on non-sensitive data and review billing/terms on api.heybossai.com before use.Like a lobster shell, security has layers — review code before you run it.
latestvk976g49fvqz2v85t423s071fgh82rx4y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
EnvSKILLBOSS_API_KEY
Primary envSKILLBOSS_API_KEY