Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bits Browser Automation

v1.0.0

Control browser automation agents via the Bits MCP server. Use when running web scraping, form filling, data extraction, or any browser-based automation task. Bits agents can navigate websites, click elements, fill forms, handle OAuth flows, and extract structured data.

by Robbie Thompson (@robbiethompson18)

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md describes a browser-automation MCP integration (navigate, click, fill forms, handle OAuth/2FA) which matches the skill name and description. However the registry metadata lists no source/homepage and declares no required env vars while the runtime instructions explicitly require a BITS_API_KEY and editing the agent MCP config. The missing metadata (source/homepage) and undeclared API key are inconsistent with the stated purpose.
Instruction Scope
The instructions tell the agent/operator to obtain an API key from app.usebits.com and add it as BITS_API_KEY to the MCP config (~/.openclaw/openclaw.json or ~/.claude.json). They also direct the agent to use an npx-installed 'usebits-mcp' package to run TypeScript in Bits' sandbox. This gives a remote service the ability to execute automation against websites and receive page contents (including any credentials or PII encountered), which is functionally necessary for browser automation but is a broad scope that should be explicit in metadata and trust decisions. The SKILL.md does not explicitly call out privacy/exfiltration risks of sending page content to Bits.
Install Mechanism
There is no formal install spec, but the runtime steps rely on 'npx -y usebits-mcp' which will download and execute code from the npm registry at first run. This is a common pattern but has higher risk than pure instruction-only skills because arbitrary remote code can be pulled and executed. The absence of a pinned package version, checksum, or authoritative source/homepage increases the risk.
Credentials
The skill metadata declares no required environment variables, yet SKILL.md instructs adding BITS_API_KEY (starts with 'bb_') to the MCP server env. That mismatch is a clear inconsistency. Additionally, the feature set mentions handling OAuth and stored credentials — implying user credentials or sensitive tokens may be uploaded/stored on the Bits platform. These credential flows are plausible for the described capability but deserve explicit declaration and justification in the metadata.
Persistence & Privilege
always:false (normal) and no requests to modify other skills are present. The instructions do require writing an MCP config entry (~/.openclaw/openclaw.json or ~/.claude.json), which is expected for adding a new MCP server. This is normal but the user should consciously permit editing their agent configuration.
Scan Findings in Context
[no_regex_findings] expected: The regex scanner found nothing because this is an instruction-only skill with no code files. That absence is expected, but the SKILL.md itself contains the runtime behavior that must be reviewed manually.
What to consider before installing
Summary of what to check before installing:

  • Verify the service and package: confirm app.usebits.com is the legitimate Bits service and inspect the npm package 'usebits-mcp' (owner, version, recent activity, tarball contents) before running npx. Prefer a pinned version and checksum rather than blind 'npx -y'.
  • Expect remote execution and data transfer: browser automation will send page contents and form values to the Bits service/sandbox. Do not automate pages that contain secrets or highly sensitive personal data unless you trust the service and understand its data-handling policies.
  • API key scope and storage: the SKILL.md requires a BITS_API_KEY but the registry metadata doesn't declare it—treat this as required. Use limited-scope or ephemeral API keys if possible, and avoid putting long-lived sensitive credentials into global agent config if you can scope them.
  • Configuration changes: the instructions edit your MCP config (~/.openclaw/openclaw.json or ~/.claude.json). Back up that file before modifying it and verify the exact JSON you add.
  • Privacy and 3rd-party credentials: the skill mentions handling OAuth/2FA and stored credentials — confirm where those credentials are stored, how long they are retained, and whether the Bits provider can access them.
  • If you need higher assurance: request the skill owner/source information, a homepage or repository, and a pinned npm package version or release tarball you can audit. Without that, treat this integration as requiring moderate trust.

Like a lobster shell, security has layers — review code before you run it.

latest vk978nkqv0m85c0a0b1xpf0xbbd80c074
2.1k downloads
0 stars
1 version
Updated 6h ago
v1.0.0
MIT-0

Bits MCP - Browser Automation

Bits is an AI browser automation platform. The MCP server lets you run browser automation tasks from your AI assistant.

Setup

1. Get an API Key

  1. Go to app.usebits.com
  2. Sign in with Google
  3. Navigate to Settings → API Keys
  4. Click Create API Key, give it a name
  5. Copy the key (starts with bb_) — you won't see it again

2. Configure MCP

Add to your MCP config (e.g., ~/.openclaw/openclaw.json):

{
  "mcpServers": {
    "bits": {
      "command": "npx",
      "args": ["-y", "usebits-mcp"],
      "env": {
        "BITS_API_KEY": "bb_your_key_here"
      }
    }
  }
}

For Claude Code (~/.claude.json):

{
  "mcpServers": {
    "bits": {
      "command": "npx",
      "args": ["-y", "usebits-mcp"],
      "env": {
        "BITS_API_KEY": "bb_your_key_here"
      }
    }
  }
}

3. Restart

Restart your gateway/client to pick up the new MCP server.
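
The scan above asks for a pinned package version and care with the API key placed in the agent config. As an added example (not part of the skill or of ClawHub's scanner), this Node.js check flags those conditions in an MCP config object; the `auditMcpConfig` helper and its finding names are assumptions made for illustration.

```javascript
// Added example: audit an MCP config object for the issues the scan calls out.
// Finding names and the sample config are constructed for illustration.
const EXACT_VERSION = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;
const SECRET_NAME = /(KEY|TOKEN|SECRET|PASSWORD)/i;

// Split an npm package spec into name and version, handling "@scope/name@1.2.3".
function parseSpec(spec) {
  const at = spec.lastIndexOf("@");
  return at > 0
    ? { name: spec.slice(0, at), version: spec.slice(at + 1) }
    : { name: spec, version: null };
}

function auditMcpConfig(config) {
  const findings = [];
  for (const [server, def] of Object.entries(config.mcpServers || {})) {
    const args = Array.isArray(def.args) ? def.args : [];
    if (def.command === "npx") {
      // The first non-flag argument is the package npx will fetch and run.
      const spec = args.find((a) => !a.startsWith("-"));
      if (spec) {
        const { name, version } = parseSpec(spec);
        // No version, a tag ("latest") or a range ("^1.0.0") can resolve to new code later.
        if (!version || !EXACT_VERSION.test(version)) {
          findings.push({ server, issue: "unpinned-package", detail: name });
        }
      }
      if (args.includes("-y") || args.includes("--yes")) {
        findings.push({ server, issue: "auto-install", detail: "npx installs without prompting" });
      }
    }
    for (const [key, value] of Object.entries(def.env || {})) {
      // A literal value under a secret-looking name means the key sits in a plaintext file.
      if (SECRET_NAME.test(key) && typeof value === "string" && value.length > 0) {
        findings.push({ server, issue: "inline-secret", detail: key });
      }
    }
  }
  return findings;
}

// Constructed sample: the config exactly as given in the setup steps above.
const asDocumented = {
  mcpServers: {
    bits: { command: "npx", args: ["-y", "usebits-mcp"], env: { BITS_API_KEY: "bb_your_key_here" } },
  },
};
console.log(auditMcpConfig(asDocumented).map((f) => `${f.server}: ${f.issue} (${f.detail})`));
```

To check a real file, pass `JSON.parse(fs.readFileSync(path, "utf8"))` to `auditMcpConfig`.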

Usage

The Bits MCP uses "Code Mode" — you write TypeScript SDK code that executes in a sandbox. Two tools are available:

  1. Documentation search — Query the SDK docs
  2. Code execution — Write and run TypeScript against the Bits SDK

Example: Scrape a Website

Use the Bits MCP to go to news.ycombinator.com and get the top 5 story titles

The agent will:

  1. Search docs for navigation/scraping methods
  2. Write TypeScript code to navigate and extract data
  3. Execute it and return results

Example: Fill a Form

Use Bits to go to example.com/contact, fill out the contact form with name "Test" and email "test@example.com", then submit

Example: Extract Structured Data

Use Bits to scrape the product listings from example-store.com/products and return them as JSON with name, price, and URL fields

Capabilities

  • Navigate — Go to URLs, handle redirects
  • Read pages — Extract text, get page layouts, take screenshots
  • Interact — Click elements, fill inputs, press keys
  • Handle auth — OAuth popups, login forms, 2FA (with stored credentials)
  • Multi-window — Switch between tabs/popups
  • Structured output — Return data in specific JSON schemas

Creating Workflows (Optional)

For repeated tasks, create a workflow in the Bits web app:

  1. Go to app.usebits.com → Workflows
  2. Create a workflow with a definition (instructions for the agent)
  3. Optionally add an output schema for structured responses
  4. Run via API: POST /workflows/{id}/runs

Troubleshooting

"API key invalid" — Check your key starts with bb_ and is copied correctly.

Slow startup — First run downloads the MCP package via npx. Subsequent runs are faster.

Task stuck — Browser automation can hit CAPTCHAs or unexpected modals. Check the live view URL in the response.
