ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Browser

v0.8.6

Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.

9· 3.4k·3 current·4 all-time
by@tekkenkk·duplicate of @tekkenkk/agent-browser-3
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the included SKILL.md, reference docs, and the three bash templates — all describe browser navigation, form automation, screenshots, recordings, session persistence and proxy support which are appropriate for a browser automation tool.
Instruction Scope
Instructions and templates perform actions expected for browser automation (open, snapshot, click, state save/load, screenshot, record). They also show patterns for saving/loading session state files and using proxies. Nothing in the SKILL.md instructs the agent to read unrelated system files or to send data to unknown external endpoints, but the templates deliberately read/write local state files (e.g. ./auth-state.json, /tmp) and reference environment variables (HTTP_PROXY, HTTPS_PROXY, APP_USERNAME, APP_PASSWORD) that are not declared — these are expected for auth & proxy flows but are sensitive operations the user should review before running.
Install Mechanism
No install spec (instruction-only with template scripts) — the skill does not download or install external code. This is the lowest-risk install posture.
Credentials
The skill does not require declared environment variables, but the docs and templates recommend and use common env vars (HTTP_PROXY, HTTPS_PROXY, ALL_PROXY) and suggest using APP_USERNAME/APP_PASSWORD and saving session state files. Requesting those values at run-time would be proportionate to the tasks, but they are sensitive and the skill does not declare them formally — users should avoid committing saved state files or embedding secrets in templates.
Persistence & Privilege
always:false and no system-wide config changes. The templates persist session state locally (session files) which is standard for reuse of authenticated sessions; nothing tries to modify other skills or global agent configuration.
Assessment
This skill appears coherent for web automation, but review and exercise caution before use: 1) Inspect the template scripts before running — they read/write local session state files (auth-state.json) that contain cookies/tokens; keep them out of source control and delete when not needed. 2) Prefer using ephemeral credentials or CI secrets when automating logins; never hardcode passwords into templates. 3) Proxy and scraping examples can be misused — ensure you comply with target site terms of service and legal/regulatory constraints. 4) If you plan to let the agent run autonomously, consider limiting what credentials or state files it can access. If you want a deeper review, provide any runtime wrapper/CLI binary for agent-browser or explain how agent-browser is installed and where it contacts on the network — that could change the assessment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a7cb23r858g96rms066w1ss80ag71

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments