v1.0.5

Fastest Browser Use

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 4:57 AM.

Analysis

This browser automation skill is mostly coherent with its scraping purpose, but it explicitly promotes bot-detection evasion and saving/reusing login session cookies, which users should review carefully before installing.

GuidanceReview this carefully before installing. It may be useful for authorized browser automation and scraping, but avoid using the bot-detection bypass recipe or saved-session workflow unless you have permission and can protect the resulting auth files. Treat any saved session JSON like a password, and install only from a package source you trust.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

### 1. Bypass "Bot Detection" via Human Emulation
Simulate mouse jitter and random delays to scrape protected sites.

The skill explicitly instructs agents to evade bot-detection controls and scrape protected sites, which goes beyond ordinary browser automation and may violate site access boundaries.

User impactAn agent using this skill could automate access in ways that websites are actively trying to prevent, creating legal, account, or platform-policy risk for the user.

RecommendationUse only on sites where you have permission to automate access, and avoid enabling human-emulation or scraping workflows against protected services without explicit authorization.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

install:
  - kind: brew
    formula: rknoche6/tap/fast-browser-use
  - kind: cargo
    package: fast-browser-use

The skill declares external brew and cargo installation paths, while the registry section says there is no install spec. The install methods are disclosed and purpose-aligned, but metadata under-declaration makes provenance and setup expectations less clear.

User impactInstalling may fetch and run code from external package sources rather than relying only on the reviewed instruction text.

RecommendationInstall from the linked repository or package source you trust, verify the package name and publisher, and prefer pinned versions or checksums where available.

Unexpected Code Execution

SeverityMediumConfidenceMediumStatusNote

src/tools/convert_to_markdown.js

var loadReadability = new Function(

The static scan reports dynamic JavaScript construction in the Markdown conversion tool. This appears related to page-content extraction, but dynamic code execution is sensitive in a browser automation package.

User impactIf the dynamically executed code path were influenced by untrusted content, it could increase the impact of malicious pages or malformed extraction inputs.

RecommendationReview the Markdown conversion implementation before use, and avoid running it on untrusted authenticated pages unless you understand what script is being executed.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityHighConfidenceHighStatusConcern

SKILL.md

### 3. Login & Cookie Heist
Log in manually once, then steal the session for headless automation.
fast-browser-use login --url "https://github.com/login" --save-session ./auth.json

The documented workflow saves an authenticated browser session to a local file and later reuses it, which handles account-session material but is not declared as a credential requirement in the registry metadata.

User impactSession files may grant access to logged-in accounts if exposed, reused on the wrong site, or handled by an untrusted agent workflow.

RecommendationTreat saved session files like passwords: store them outside shared workspaces, restrict permissions, delete them when no longer needed, and only use this workflow for accounts and sites you control or are authorized to automate.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

CODEBUDDY.md

A browser session manager wrapping `headless_chrome` ... A tool system for common browser operations ... An MCP (Model Context Protocol) server for AI-driven browser automation

The project is designed to expose browser-control tools through MCP for agent use. This is expected for the skill, but MCP browser access can expose page contents and authenticated sessions to connected agents.

User impactA connected agent could navigate, inspect, or interact with browser pages available in that session.

RecommendationOnly connect trusted agents or clients to the MCP server, and avoid using it with sensitive logged-in pages unless the agent workflow is trusted.