ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Browser Automation Stealth

Playwright wrapper enabling stealth browser automation with fingerprint randomization, proxy rotation, captcha handling, and session persistence for undetect...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 2.5k · 10 current installs · 10 all-time installs
by@Shepherd217
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name, README, package.json and SKILL.md consistently describe a Playwright 'stealth' wrapper (fingerprint randomization, header rotation, proxies, captcha integration). The package is instruction-only and does not request unrelated credentials or binaries, so the declared capability matches the requested footprint.
Instruction Scope
SKILL.md provides runnable examples (npm/pip install, instantiating StealthBrowser, saving/loading cookies, using proxies, enabling captchaBypass). The instructions do not ask the agent to read unrelated system files or exfiltrate secrets, but they do instruct installing packages and running Playwright (which will download browser binaries). The guidance enables potentially privacy- or policy-sensitive actions (undetected scraping, captcha bypass) but those are within the stated purpose.
Install Mechanism
There is no install spec in the skill bundle (lowest immediate risk), but the README/SKILL.md instructs users to install via npm or pip and to run npx playwright install. Installing packages from npm/pip and having Playwright download browsers is expected for this type of skill but carries the usual risks of third-party package installation (arbitrary code execution and binary downloads). No obscure or suspicious download URLs are present in the provided files.
Credentials
The skill declares no required env vars or credentials (consistent with the bundle). However, SKILL.md references captcha-solving services (2Captcha/AntiCaptcha) and shows examples that would require API keys or proxy credentials in practice; those secrets are not declared in the skill metadata. This is likely an omission rather than malicious behavior, but users should be aware they'll need to supply third-party API keys/proxy credentials outside the skill.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent system privileges or attempt to modify other skills or global agent configuration. No elevated persistence or forced inclusion is requested.
Assessment
This skill appears coherent for building a Playwright-based 'stealth' browser tool, but take these precautions before installing or using it: - Review the upstream repository and package contents (index.js and any install scripts) before running npm/pip install — third-party packages can execute arbitrary code during install. - Expect to provide third-party credentials yourself (captcha solver API keys, proxy credentials); the skill does not declare these env vars. Do not reuse sensitive credentials from other services. - Playwright will download browser binaries (npx playwright install); run installs in an isolated environment (VM/container) if you want to limit exposure. - Consider legal and policy implications: evading bot detection and captcha solving can violate websites' terms of service or applicable law. - If you need to proceed, perform initial testing in a controlled sandbox, limit network access where possible, and audit network calls to ensure no unexpected data exfiltration occurs.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97fxge5kxzpf3cegdbeh3tkq980xhy0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Browser Automation Stealth

Version: 1.0.0
Author: Midas Skills
License: MIT

Description

Anti-bot evasion Playwright wrapper. Stealth mode, proxy rotation, captcha handling, fingerprint randomization.

Value Proposition

Anti-bot evasion Playwright wrapper. Evade detection, manage cookies, rotate headers, handle captchas. Silent, headless, undetectable.

Category

browser-automation

Tags

stealth, anti-detection, playwright, scraping, automation

Skill Type

automation

Pricing

  • Free: $0
  • Pro: $49.99

Key Features

  • ✅ Playwright wrapper with stealth defaults
  • ✅ Anti-detection mechanisms (fingerprint randomization)
  • ✅ Header rotation (100+ user-agents)
  • ✅ Proxy support (SOCKS5, HTTP)
  • ✅ Cookie jar management
  • ✅ Captcha bypass (integration-ready)
  • ✅ Rate limiting aware
  • ✅ Screenshot/PDF generation
  • ✅ Form automation
  • ✅ Cookie/session persistence

Use Cases

  • Web scraping at scale (undetected)
  • Automated testing on protected sites
  • Data collection for market research
  • Competitive intelligence gathering
  • Automated form submission (compliant)
  • Screenshot automation without detection

Installation

npm install browser-automation-stealth
# or
pip install browser-automation-stealth

Quick Start

const { StealthBrowser } = require('browser-automation-stealth');

const browser = new StealthBrowser({
  headless: true,
  stealth: 'aggressive'  // evasion level
});

const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({ path: 'example.png' });
await browser.close();

Repository

https://github.com/midas-skills/browser-automation-stealth

Support

📧 support@midas-skills.com
🔗 Docs: https://docs.midas-skills.com/browser-automation-stealth

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…