Agent Browser Clawdbot.Disabled
v1.0.1Headless browser automation CLI optimized for AI agents with accessibility tree snapshots and ref-based element selection
⭐ 0· 21·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the runtime instructions: the SKILL.md consistently documents using the agent-browser CLI for headless browser automation and snapshots. The commands and features described (snapshots, refs, sessions, state save/load) align with a browser automation tool.
Instruction Scope
Instructions stay within the browser-automation domain (open, snapshot, click, state save/load, network routing). They do reference reading/writing state files (e.g., auth.json, state save/load) and using an environment variable example (AGENT_BROWSER_SESSION). Those are expected for this purpose but imply local file I/O that can store sensitive cookies/auth tokens — the agent running these commands could therefore access and persist credentials from pages it automates.
Install Mechanism
No install spec is included in the skill bundle (instruction-only). The SKILL.md recommends installing the external agent-browser CLI via npm and running its own installer to download Chromium; this is a normal, proportional ask for a CLI-based browser tool. There are no opaque download URLs in the skill itself.
Credentials
The skill does not require any environment variables or credentials in the registry metadata. It shows optional use of AGENT_BROWSER_SESSION and references state files; those are reasonable for session isolation but can lead to storage of sensitive cookies/credentials. No unrelated secrets are requested.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request permanent platform privileges or modify other skills' configs. Autonomy (model invocation) is allowed by default — appropriate for agent-invoked CLI workflows — but keep in mind this lets the agent run the external CLI if enabled.
Assessment
This skill is an instruction-only guide for using the external agent-browser CLI — it does not embed or install code itself. Before using: 1) install agent-browser only from the official project (verify the npm package and GitHub repo) because the skill expects that external binary; 2) be cautious with state save/load files (e.g., auth.json) — they can contain cookies and tokens that effectively act as credentials; 3) the agent will be able to run the CLI (and thus visit and interact with websites), so avoid allowing it to run automation against sensitive accounts or pages unless you trust the CLI and have isolated session/state files; 4) note the small inconsistency: the SKILL.md metadata references the required command 'agent-browser' while the registry metadata lists no required binaries — you must ensure the CLI is actually installed on your system. If you want to reduce risk, run the agent-browser CLI in an isolated environment, review the package source before installing, and avoid loading saved state files from untrusted sources.Like a lobster shell, security has layers — review code before you run it.
latestvk974qq5m5syyjqp1z3mp05f87184d0ge
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🌐 Clawdis