ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Stealth Browser

Access websites with advanced bot protection to fetch HTML, screenshots, PDFs, or multiple pages in parallel using isolated browser contexts.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 454 · 0 current installs · 0 all-time installs
byThe Zealot@xthezealot
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, README, SKILL.md, package.json and code all consistently implement a headless browser that tries to evade bot-detection (playwright-extra + stealth plugin). Requesting no env vars and no exotic system access is coherent; it does expect a system Chromium at /usr/bin/chromium as documented.
!
Instruction Scope
Runtime code (index.js -> execSync -> stealth-browser.js) executes arbitrary navigation to URLs provided by users and writes screenshots/PDFs to /tmp. The runBrowser command constructs a shell command by interpolating args directly into execSync without escaping — this creates a risk of shell/command injection if input is not strictly validated. The onLoad hook will also run 'npm install' in the skill directory, which is an automatic side-effect not described in SKILL.md.
Install Mechanism
There's no declared install spec, but index.js's onLoad automatically runs 'npm install' if node_modules is missing. That will download and install many dependencies from the public npm registry (package-lock.json lists many packages). Using npm is expected here, but automatic installation at skill load time increases risk because new code is fetched/executed in the agent environment without an explicit install step.
Credentials
The skill declares no required environment variables or credentials and the code doesn't access external credentials. It does require network access to fetch target websites and filesystem write access to /tmp for screenshots/PDFs; those are proportional to its stated functionality.
Persistence & Privilege
always is false and the skill does not request system-wide settings or modify other skills. The onLoad npm install behavior gives it the ability to modify its own directory (create node_modules), which is typical for Node-based skills but worth noting.
What to consider before installing
This skill appears to do what it claims (stealth browsing), but there are a few practical risks you should weigh before installing: - Command-injection risk: The skill constructs shell commands by inserting user-provided URLs/arguments directly into execSync calls. If untrusted input reaches those args, it could be abused to run arbitrary shell commands. Ask the author to properly escape/avoid shell interpolation or run the child process with execFile/spawn and argument arrays. - Auto-install side-effect: onLoad runs 'npm install' in the skill directory, which will fetch many packages from the public npm registry and place them on disk. That means code is pulled and executed at load time — consider running this in an isolated environment or vetting the package-lock.json and packages first. - Sandbox flags: The browser is launched with --no-sandbox and --disable-setuid-sandbox. Those flags are often required in certain environments but reduce process isolation; avoid running this on a high-value host or run inside a hardened container. - Filesystem and network access: The skill writes output to /tmp and performs arbitrary network requests to target sites (including sites behind bot protections). Ensure this behavior is acceptable for your environment and that you are not violating terms of service or local policies. Recommendations: only use in an isolated VM/container, review/verify package-lock.json or run npm install in an offline/vetted mirror, request the author to fix unsafe execSync usage (use argument arrays or escaping), and confirm you are comfortable with automatic dependency installation and running Chromium with the provided flags.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk970jkdjq51xxem0k1pwjq1xkh81evk4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Stealth Browser

Use /stealth-browser to access websites with advanced bot protection.

Commands

  • /stealth-browser open <url> - Fetch page HTML
  • /stealth-browser screenshot <url> - Take full-page screenshot
  • /stealth-browser pdf <url> - Save page as PDF
  • /stealth-browser parallel <url1> <url2> [url3...] - Fetch multiple URLs in parallel

Examples

/stealth-browser open https://www.bazaraki.com/adv/6203561_2-bedroom-detached-house-for-sale/
/stealth-browser screenshot https://example.com
/stealth-browser pdf https://example.com
/stealth-browser parallel https://site1.com https://site2.com https://site3.com

Parallel Browsing

The parallel command fetches multiple URLs simultaneously using isolated browser contexts:

  • Each URL gets its own isolated context (cookies, storage, etc.)
  • Much faster than sequential fetching
  • Results returned as formatted JSON

How It Works

Uses Playwright Extra with Stealth Plugin to mask automation signatures:

  • Removes navigator.webdriver flag
  • Spoofs Chrome plugins and permissions
  • Fakes WebGL/Canvas fingerprints
  • Mimics real user behavior

Bypasses Cloudflare, reCAPTCHA, and most bot detection.

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…