Fastest Browser Use
Security checks across malware telemetry and agentic risk
Overview
This browser automation skill explicitly promotes bypassing bot detection and reusing saved login sessions/cookies, which is unsafe for users and third-party sites.
Do not install this skill unless you fully trust it and will restrict it to authorized browser automation. Avoid its bot-detection bypass and cookie/session reuse workflows, and never use it on logged-in accounts or third-party sites without explicit permission.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill as documented could cause the agent to bypass website protections, violate site rules, trigger account blocks, or create legal and operational risk.
The skill explicitly instructs agents to evade bot-detection controls and scrape protected sites, which is not a normal safety-bounded browser automation workflow.
### 1. Bypass "Bot Detection" via Human Emulation
Simulate mouse jitter and random delays to scrape protected sites.
Do not use this for bypassing bot detection or scraping protected sites. Restrict use to authorized sites and require explicit user approval for navigation, login, scraping, and interaction actions.
A saved session file may allow continued access to a logged-in account. If mishandled, copied, or reused by an agent, it could expose private account data or perform actions as the user.
Saved browser sessions and cookies can act like credentials. The skill frames this as stealing a session and provides commands to persist and replay authenticated access.
### 3. Login & Cookie Heist
Log in manually once, then steal the session for headless automation.
...
fast-browser-use login --url "https://github.com/login" --save-session ./auth.json
...
fast-browser-use navigate --url "https://github.com/dashboard" --load-session ./auth.json
Avoid saving authenticated sessions unless absolutely necessary. Store session files securely, delete them after use, and require explicit approval before loading or reusing any authenticated session.
The wording may encourage users or agents to treat large-scale harvesting of public and account-based feeds as safe, even where it may be prohibited or harmful.
The documentation markets broad harvesting of third-party feeds without any authorization, rate-limit, robots.txt, or terms-of-service guidance.
Works on any infinite scroll page: Reddit, Twitter, LinkedIn feeds, search results, etc.
Add clear limits: only scrape where authorized, respect robots.txt and site terms, rate-limit requests, and avoid account-gated or personal data sources unless explicitly permitted.
Dynamic execution increases the importance of trusting the bundled code and avoiding use on highly sensitive pages without review.
The scan shows dynamic JavaScript function construction. This may be part of expected browser-page conversion logic, but it is still sensitive because it executes generated code.
suspicious.dynamic_code_execution (critical) at src/tools/convert_to_markdown.js:22: Dynamic code execution detected. Evidence: var loadReadability = new Function(
Review `src/tools/convert_to_markdown.js` and ensure `new Function` only loads trusted bundled code, not page-controlled or user-controlled strings.
Users may not realize they need to install and trust an external binary/package before use.
The skill declares external install methods and required Chrome configuration even though the registry section says there is no install spec and no required environment.
install:
  - kind: brew
    formula: rknoche6/tap/fast-browser-use
  - kind: cargo
    package: fast-browser-use
config:
  requiredEnv:
    - CHROME_PATH
Verify the GitHub repository, package name, and brew tap before installing. Registry metadata should be updated to match the declared install and environment requirements.
Any connected agent or MCP client may be able to drive the browser, read page content, and interact with authenticated sessions depending on how it is configured.
The package includes an MCP server that can expose browser automation capabilities to an agent or client.
description = "A lightweight Rust library for browser automation via Chrome DevTools Protocol (CDP), featuring a built-in Model Context Protocol (MCP) server for AI-driven browser automation"
Only expose the MCP server to trusted local clients, avoid network exposure unless authenticated and isolated, and do not connect it to sensitive logged-in browser sessions without explicit approval.
