Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Browser CLI
v1.0.0使用 agent-browser CLI 进行浏览器自动化。用于签到、填表、截图、信息抓取等需要控制浏览器的任务。触发条件:(1) 用户要求自动化浏览器操作 (2) 需要签到、填表、点击按钮 (3) 需要抓取网页内容作为研究素材
⭐ 2· 3k·23 current·26 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (browser automation, sign-ins, form-filling, scraping) matches the instructions and commands in SKILL.md; there are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
Instructions stay within browser automation: opening pages, clicking, filling, snapshots, screenshots and creating a small cronable script. They do recommend writing a script under ~/.openclaw/scripts and using screenshots and page scraping (which is expected for this purpose), so users should be aware these actions can capture and store sensitive page content if misused.
Install Mechanism
No install spec in the skill package itself, but SKILL.md recommends `npm install -g agent-browser` and `agent-browser install`. Installing a global npm package can run arbitrary install/postinstall scripts and persists code on disk — a moderate-risk, common distribution method. No direct download URLs are provided.
Credentials
The skill declares no required environment variables, credentials, or config paths. The example uses plaintext fills (e.g., password) but does not request secrets from the environment.
Persistence & Privilege
always is false and the skill is user-invocable; autonomous invocation is enabled by default (normal). The skill does suggest creating a user script and possibly a cron job, which is standard for scheduled automation but is user-controlled rather than requiring system privileges.
Assessment
This skill appears coherent for browser automation, but take these precautions before installing: (1) The package has no homepage/source listed — inspect the npm package before running a global install (use `npm view agent-browser`, `npm pack`, or review its repository) because npm packages can run arbitrary code at install time. (2) Prefer installing in a contained environment (non-root user, container, or dedicated VM) if you want to reduce risk. (3) Review any cron scripts you create (e.g., ~/.openclaw/scripts/*) and avoid storing secrets in plaintext inside them. (4) Be mindful that screenshots and page scraping can capture sensitive data; restrict automated workflows and require explicit confirmation for actions that sign in or submit forms. (5) If you need higher assurance, ask the publisher for source code or a verified homepage and re-run the evaluation once provenance is known.Like a lobster shell, security has layers — review code before you run it.
latestvk9777fmzrf5q0kxw7ty227xk8h824s62
License
MIT-0
Free to use, modify, and redistribute. No attribution required.