Back to skill
Skillv0.1.0
VirusTotal security
Browserless Agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:31 AM
- Hash
- cb7e7f6d636d4a72fe5c97bb2c3bf37af20c8e4b1011daa9a7fdbb1dbfb0bc17
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: browserless-agent Version: 0.1.0 The skill provides extensive web automation capabilities, including arbitrary JavaScript execution (`evaluate`, `evaluate_function` in `main.py`), local file write access (`screenshot`, `pdf` in `main.py`), and local file upload functionality (`upload_file` in `main.py`). While these are core features for a web automation tool and the documentation (`SKILL.md`, `README.md`) demonstrates security awareness, these powerful primitives could be chained by a malicious actor or a prompt-injected agent to exfiltrate sensitive data from the browser context (e.g., cookies, local storage) or local files, or to manipulate the local filesystem. There is no explicit malicious intent in the code, but the broad and powerful capabilities present a significant risk if misused.
- External report
- View on VirusTotal