Back to skill
Skillv1.0.0
ClawScan security
Smooth Browser Use · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 29, 2026, 2:54 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and scope are coherent with its stated purpose: it is an instruction-only guide for reliable, human-like browser interactions and page recovery.
- Guidance
- This skill is internally consistent with its stated purpose. Before installing, confirm your agent/platform provides the browser primitives the instructions assume (get_app_state, set_value, clipboard access, and a way to synthesize real paste/keyboard events). Be mindful that the skill explicitly directs putting long text on the system clipboard and pasting into web pages — do not use it to paste sensitive secrets unless you trust the target page. Note the SKILL.md uses macOS shortcut examples (Cmd+V); adapt usage for other OSes (e.g., Ctrl+V). Also consider provenance: the source and homepage are unknown, so test the skill in a safe/non-sensitive environment to verify behavior before using it on real accounts or sensitive content.
Review Dimensions
- Purpose & Capability
- okName/description (smooth, human-like browser interactions and page recovery) aligns with the SKILL.md instructions. No unrelated binaries, credentials, or installs are requested.
- Instruction Scope
- noteInstructions stay within browser interaction and recovery scope (click visible controls, paste via clipboard, verify page state, refresh). They reference platform/browser primitives like get_app_state, set_value, accessibility tree, and use of the system clipboard and Cmd+V; these are expected for a browser automation skill but are operational assumptions the agent/platform must provide. Be aware clipboard use can move sensitive data into web pages.
- Install Mechanism
- okInstruction-only skill with no install spec or downloaded code; nothing is written to disk or fetched during install.
- Credentials
- okNo environment variables, credentials, or config paths are requested. The SKILL.md does not ask for secrets or unrelated credentials.
- Persistence & Privilege
- okalways is false and there is no indication the skill modifies other skills or system-wide settings. Autonomous invocation is allowed (platform default) and appropriate for this kind of helper.