Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:16
- Evidence
const child = spawn("browser-use", argv, {
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a real browser automation plugin, but it gives the agent broad control over a browser and possible logged-in sessions, so users should review it carefully before enabling.
Before installing, decide whether you are comfortable letting OpenClaw automate a browser. Use a separate browser profile when possible, avoid logged-in sessions for sensitive accounts, verify the browser-use installer, and require explicit approval before the agent submits forms, changes account data, posts content, or makes purchases.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const child = spawn("browser-use", argv, {const child = spawn("browser-use", argv, {