Browser Js
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill coherently provides browser automation, but it gives an agent broad control over a logged-in browser, including sensitive clicks, uploads, and page JavaScript.
Install only if you are comfortable letting an agent drive a CDP-enabled browser. Prefer a dedicated automation profile with minimal logins, supervise sensitive sites, and require confirmation before uploads, payments, OAuth/login prompts, public posts, or other account-changing actions.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could act as you on sites where your browser is already signed in.
The skill is designed to operate through the user's existing browser profile, so actions can be performed under already-authenticated web accounts.
Requires a Chrome/Chromium browser running with --remote-debugging-port ... Signed-in sessions carry over automatically.
Use a separate limited browser profile for automation, avoid personal or financial accounts, and require explicit confirmation before account, payment, posting, or data-changing actions.
The agent may be able to click through sensitive browser flows such as OAuth prompts, payment widgets, or captcha-like controls if instructed or misled.
The documented coordinate commands are meant to interact with sensitive cross-origin frames and bot/security-related UI, without clear approval or containment rules.
Coordinate commands (cross-origin iframes, captchas, overlays) ... captcha checkbox, payment form, OAuth widget ... These bypass all DOM boundaries.
Limit use to trusted tasks, supervise sensitive flows, and add explicit user-approval rules for payments, login/OAuth, captcha, account changes, and public submissions.
JavaScript executed in a logged-in page could read or change page state and trigger actions on that site.
The skill exposes a raw JavaScript evaluation command in the current page context; this is disclosed and browser-related, but it is an escape-hatch capability.
bjs eval <js> Run JavaScript in page
Use eval only for trusted, task-specific snippets and avoid running code copied from webpages or untrusted sources.
Installing dependencies adds normal package-supply-chain exposure.
The setup requires a manual npm dependency install even though the registry metadata lists no install spec; the provided package files show a small dependency, but users should still review it before running.
cd scripts && npm install
Review scripts/package.json and scripts/package-lock.json before installation and run npm install only in the skill's scripts directory.
