Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Browser Jt
v1.0.0Headless browser automation CLI optimized for AI agents with accessibility tree snapshots and ref-based element selection
⭐ 0· 0·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes a CLI 'agent-browser' for headless automation and all runtime instructions match that purpose (navigation, snapshots, refs, sessions, network control). However, registry metadata (owner ID, slug, version) does not match the included _meta.json content (different ownerId, slug, and version), which is an inconsistency worth verifying with the publisher.
Instruction Scope
Instructions stay within browser automation scope (open, snapshot, click, state save/load, network routing). They do instruct the agent to save/load local state files (e.g., auth.json) and reference an env var (AGENT_BROWSER_SESSION) — these are reasonable for a browser tool but mean the agent may access local credential files if asked to load them. There are no instructions to read unrelated system files or to exfiltrate data, but loading/storing auth files is sensitive and should only be used with trusted files.
Install Mechanism
The skill is instruction-only and has no install spec; SKILL.md recommends installing via 'npm install -g agent-browser' and running 'agent-browser install' to download Chromium. Because the platform does not auto-download anything, risk is low from the skill itself — but installing the third-party npm package and downloading Chromium are external actions the user would perform and should be vetted (check npm package, GitHub repo, and package owner).
Credentials
No required environment variables or credentials are declared. SKILL.md optionally references AGENT_BROWSER_SESSION and uses local state files for cookies/storage; these are proportional to a browser automation tool. There are no unrelated credential requests in the skill files.
Persistence & Privilege
always is false and the skill allows normal autonomous invocation (platform default). The skill does not request to persist or modify other skills or global agent configuration in the provided files.
What to consider before installing
This skill's commands and capabilities are consistent with a headless browser CLI, but there are red flags you should check before installing or using it with real credentials: 1) Metadata mismatch — the registry metadata (owner/slug/version) does not match the included _meta.json; confirm the publisher and repository URL on GitHub. 2) Installing requires running npm install -g agent-browser and agent-browser install (which downloads Chromium) — review the npm package and its source code/maintainer before installing. 3) The skill encourages using 'state load' to load auth JSON files; do not load sensitive credentials or session files unless you trust the package and repository. 4) Network routing and request-mocking commands can rewrite requests (expected for automation) — avoid pointing the tool at sensitive internal systems until verified. If unsure, run the package in an isolated environment (container/VM) and inspect the installed binaries and npm package contents first.Like a lobster shell, security has layers — review code before you run it.
latestvk97et8gr8at0y721cr39xf1gv584xqq3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🌐 Clawdis