Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Browser - Stagehand

Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from websites, take screenshots, fill forms, click buttons, or interact with web applications.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
4 · 5.3k · 30 current installs · 30 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to automate browsers (reasonable). However the SKILL.md and setup.json expect ANTHROPIC_API_KEY and optionally Browserbase API keys (BROWSERBASE_API_KEY, BROWSERBASE_PROJECT_ID) even though the registry metadata declares no required env vars/credentials. The skill also uses a persistent Chrome profile and download path which are plausible for a browser tool but increase scope (session cookies, saved credentials). The mismatch between declared requirements and actual instructions is incoherent.
! Instruction Scope
Instructions tell the agent to run npm install and npm link (system-wide changes), to read/write a .env file and .chrome-profile, to save downloads to ./agent/downloads, and to use an external model (Anthropic) for action interpretation. The skill will therefore potentially transmit page content/DOM to a remote model and persist session cookies locally. The header also states automatic mode selection (local vs Browserbase) occurs without prompting, so presence of keys could silently change behavior to use remote infrastructure.
Install Mechanism
There is no formal install spec (instruction-only), which limits automated platform installation risk. But the runtime README explicitly instructs running 'npm install' and 'npm link' to create a global CLI — commands that modify the host environment and install dependencies from package manifests. That is expected for a CLI tool but means the agent or user will execute arbitrary package installs locally; provenance of those packages is not documented here.
! Credentials
The skill effectively requires ANTHROPIC_API_KEY (setup.json) and optionally Browserbase keys (SKILL.md) to enable remote model-driven actions and remote Browserbase scraping, but the registry metadata lists no required env vars. This mismatch is concerning: sensitive credentials are implicated but not declared. Additionally, persisting .chrome-profile can retain session cookies/credentials, expanding the data the tool can access.
Persistence & Privilege
The skill does not request always:true and does not modify other skills, which is fine. It does instruct creating a persistent Chrome profile (.chrome-profile), download and screenshot directories, and suggests npm link to install a global 'browser' command — these create persistent artifacts on disk and a global binary that alter the system environment. That behavior is plausible for a CLI but is a notable privilege/persistence footprint.
What to consider before installing
This skill is coherent with a browser automation tool, but there are several red flags you should consider before installing or running it:

  • The registry says no credentials are required, but the included docs/setup.json expect ANTHROPIC_API_KEY and optionally Browserbase API keys. Treat those credentials as sensitive — if you provide them the tool may send page content and extracted data to remote services.
  • The skill recommends running 'npm install' and 'npm link', which will install dependencies and create a global 'browser' command. Only run those if you trust the package source; review package.json and dependency list first.
  • It uses a persistent Chrome profile (.chrome-profile) and saves downloads/screenshots to local folders. That will preserve cookies, sessions, and downloaded files — avoid using it on pages with sensitive accounts unless you understand and accept that persistence.
  • Mode selection is automatic: if Browserbase keys are present the tool will use remote infrastructure (stealth/proxy). If you don't want remote use, do not provide Browserbase credentials and remove any existing .env keys.
  • The tool refers to sending page data to an external LLM (Anthropic Claude). If you will visit pages containing secrets or PII, assume that data may be transmitted to the model provider.

Recommended actions: inspect the package contents (package.json, src) before running npm install; run in an isolated/sandbox environment first; only provide API keys you trust and rotate them after testing; and avoid automating authenticated flows with sensitive accounts until you verify behavior and data flows.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0
latest: vk9707w9n7bw25m2yxa8ezdkfgx80j08f

SKILL.md

Browser Automation

Automate browser interactions using Stagehand CLI with Claude.

First: Environment Selection (Local vs Remote)

The skill automatically selects between local and remote browser environments:

  • If Browserbase API keys exist (BROWSERBASE_API_KEY and BROWSERBASE_PROJECT_ID in .env file): Uses remote Browserbase environment
  • If no Browserbase API keys: Falls back to local Chrome browser
  • No user prompting: The selection happens automatically based on available configuration
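
Added example (not part of the skill's own code): a pre-flight check that reports which mode the rules above would select for a skill directory, so silent remote use can be ruled out before any browser command runs. It assumes keys are read only from the .env file as described; the function names env_value and skill_preflight are hypothetical, and the report also covers the ANTHROPIC_API_KEY and .chrome-profile items named in the scan.

```shell
#!/bin/sh
# Pre-flight report for a skill directory (added example, hypothetical names).
# Assumption: the tool decides its mode only from <dir>/.env, as the page says;
# variables exported in the calling shell are not inspected here.

# Print the value assigned to KEY ($2) in dotenv file $1; print nothing if unset.
# Handles an optional "export " prefix, surrounding quotes, and commented lines.
env_value() {
    [ -f "$1" ] || return 0
    sed -n "s/^[[:space:]]*\(export[[:space:]]\{1,\}\)\{0,1\}$2[[:space:]]*=[[:space:]]*//p" "$1" \
        | tail -n 1 \
        | sed -e 's/[[:space:]]*$//' -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Report the mode that would be selected and the sensitive state on disk.
skill_preflight() {
    dir=${1:-.}
    env_file="$dir/.env"

    key=$(env_value "$env_file" BROWSERBASE_API_KEY)
    proj=$(env_value "$env_file" BROWSERBASE_PROJECT_ID)
    # Remote mode needs BOTH Browserbase values to be non-empty.
    if [ -n "$key" ] && [ -n "$proj" ]; then
        echo "mode=remote"
    else
        echo "mode=local"
    fi

    # A model key means page content can be sent to the model provider.
    if [ -n "$(env_value "$env_file" ANTHROPIC_API_KEY)" ]; then
        echo "anthropic_key=set"
    else
        echo "anthropic_key=unset"
    fi

    # A persistent profile keeps cookies and sessions between runs.
    if [ -d "$dir/.chrome-profile" ]; then
        echo "chrome_profile=present"
    else
        echo "chrome_profile=absent"
    fi
}

skill_preflight "${1:-.}"
```

Values are never printed, only whether they are set, so the output is safe to paste into a review ticket.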

Setup (First Time Only)

Check setup.json in this directory. If it contains setupComplete: false, run:

npm install    # Install dependencies
npm link       # Create global 'browser' command

Commands

All commands work identically in both modes:

browser navigate <url>                    # Go to URL
browser act "<action>"                    # Natural language action
browser extract "<instruction>" ['{}']    # Extract data (optional schema)
browser observe "<query>"                 # Discover elements
browser screenshot                        # Take screenshot
browser close                             # Close browser

Quick Example

browser navigate https://example.com
browser act "click the Sign In button"
browser extract "get the page title"
browser close

Mode Comparison

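| Feature       | Local           | Browserbase         |
|---------------|-----------------|---------------------|
| Speed         | Faster          | Slightly slower     |
| Setup         | Chrome required | API key required    |
| Stealth mode  | No              | Yes                 |
| Proxy/CAPTCHA | No              | Yes                 |
| Best for      | Development     | Production/scraping |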

Best Practices

  1. Always navigate first before interacting
  2. View screenshots after each command to verify
  3. Be specific in action descriptions
  4. Close browser when done

Troubleshooting

  • Chrome not found: Install Chrome or use Browserbase mode
  • Action fails: Use browser observe to discover available elements
  • Browserbase fails: Verify API key and project ID are set

For detailed examples, see EXAMPLES.md. For API reference, see REFERENCE.md.
