Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Browser Core.Bak
v1.0.0OpenClaw skill for the agent-browser CLI (Rust-based with Node.js fallback) enabling AI-friendly web automation with snapshots, refs, and structured commands.
⭐ 0· 14·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name, description, and SKILL.md consistently describe guidance for using an agent-browser CLI. The guidance expects the user to have the agent-browser CLI/runtime installed (via npm or the CLI's own installer), which is proportional to the stated purpose. However, registry metadata (provided) and the included _meta.json disagree on owner/slug/version which suggests the bundle may have been copied or repackaged without a clear source — this is unexpected and worth verifying.
Instruction Scope
The runtime instructions and reference documents focus on CLI commands, snapshots, sessions, and safety controls. They explicitly warn against high-risk actions (eval, file access, network routing) and recommend allowlists, ephemeral profiles, and approval for sensitive operations. The instructions do not ask the agent to read unrelated system files or environment variables.
Install Mechanism
This is instruction-only (no install spec or code files). The docs recommend installing agent-browser via npm (npm install -g agent-browser@<version>) or using the CLI's own installer — a standard, low-risk approach. There are no included URLs or archive downloads in the skill itself. Recommendation: pin a known-good version and install from the official registry/source.
Credentials
The skill declares no required environment variables, credentials, or config paths. The docs explicitly treat state files and tokens as secrets and advise redaction/ephemeral usage, which is appropriate. There are no unexpected requests for unrelated credentials.
Persistence & Privilege
No special persistence requested (always:false). The skill does not attempt to modify other skills or system-wide agent settings; it only provides operational guidance for running a CLI. Autonomous invocation is allowed by default, which is normal, and the skill does not request elevated privileges.
What to consider before installing
This skill's content is coherent and looks like a legitimate playbook for the 'agent-browser' CLI, but the package source is unclear: the provided registry metadata and the included _meta.json disagree (different owner/slug/version), and there is no homepage or source URL listed. Before installing or following these instructions: 1) Verify the official agent-browser project and install the CLI from an authoritative source (pin a specific release). 2) Run the CLI in a sandbox/container and avoid giving it elevated OS privileges. 3) Do not enable eval, --allow-file-access, custom executable paths, proxies, or network-routing without explicit human approval. 4) Keep session/state files ephemeral and treat them as secrets. 5) If you need more assurance, ask the publisher to explain the metadata mismatch and provide a homepage or source repository; if they cannot, treat the package as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk972waf71rmwx8hdpx979j1q5584cd93
License
MIT-0
Free to use, modify, and redistribute. No attribution required.