ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Browser 0.2.0

v1.0.0

A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured commands.

1· 1.3k·126 current·135 all-time
by@knightluozichu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (Rust-based headless browser CLI with Node fallback) matches what the SKILL.md instructs: installing an npm package and running a broad set of browser automation commands. Requiring node/npm is proportionate and expected for an npm-distributed CLI.
Instruction Scope
The SKILL.md gives explicit CLI commands (open, snapshot, click, fill, cookies, upload, screenshot, set headers/credentials, record video) that stay within browser automation scope. These commands necessarily let the agent access web content, cookies, local files (upload/file params), and take snapshots/screenshots — all expected but potentially sensitive. The instructions do not ask to read unrelated system files or arbitrary env vars, and they don't direct data to any unexpected external endpoint in the provided content.
!
Install Mechanism
This is an instruction-only skill that tells the user/agent to run npm install -g agent-browser and a post-install agent-browser install. Because there is no bundled code or vetted install spec, the runtime will fetch code from npm (and possibly additional assets during agent-browser's own install). That external installation step can execute arbitrary code on the host during install — verify the package namespace, integrity, and upstream repository before installing. The SKILL.md also offers a git clone from GitHub; the skill package provides no provenance or homepage in its metadata.
Credentials
No environment variables or external credentials are requested by the skill metadata. The CLI exposes commands to set headers and credentials at runtime, which is appropriate for a browser automation tool. The skill does not request unrelated secrets or config paths.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide configuration changes in the SKILL.md. It is user-invocable and allows autonomous invocation by default (the platform default), which is expected for skills of this type.
Assessment
This skill appears to be a straightforward wrapper for an external CLI (agent-browser) and is internally consistent. Before installing or invoking it: 1) Verify the npm package and upstream GitHub repo (owner, recent activity, release integrity) because the SKILL.md instructs you to run npm install -g and a post-install that may fetch binaries; untrusted npm packages can execute arbitrary code during install. 2) If you plan to let an autonomous agent use the tool, avoid giving it access to sensitive sites or credentials without supervision, since the tool can read cookies, snapshots, and upload local files. 3) Consider running the install and the CLI inside a sandboxed container or dedicated non-production environment first, and pin to a specific, reviewed package version. 4) If you need higher assurance, request the upstream source code or a cryptographic checksum for the package and inspect what agent-browser's own 'install' step downloads/executes.

Like a lobster shell, security has layers — review code before you run it.

latestvk9766eb7pd723h2m6m771m7y3581284z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binsnode, npm

Comments