ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Browser CDP Tailnet

v1.0.0

Use the detached shared Chromium browser exposed over the tailnet CDP endpoint. Trigger this when Lotfi asks for the detached browser, shared browser, remote...

0· 43·0 current·0 all-time
by@lotfinity

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lotfinity/browser-cdp-tailnet.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Browser CDP Tailnet" (lotfinity/browser-cdp-tailnet) from ClawHub.
Skill page: https://clawhub.ai/lotfinity/browser-cdp-tailnet
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install browser-cdp-tailnet

ClawHub CLI

Package manager switcher

npx clawhub@latest install browser-cdp-tailnet
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description and runtime instructions all describe the same capability: connect to a shared Chromium instance at a fixed tailnet CDP URL (http://100.101.184.33:9223). The skill doesn't request unrelated binaries, env vars, or config paths, so required capabilities are proportional to the described purpose.
Instruction Scope
SKILL.md only instructs the agent to connect to the specified CDP/WS endpoint, prefer the HTTP CDP base URL, handle a localhost rewrite if reported, and probe before claiming success. It does not instruct reading host files or unrelated credentials. Note: using a shared remote browser means any pages, cookies, or interactions performed through that browser could be visible to whoever operates that shared instance — a privacy/security consideration but not an incoherence in scope.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. There is nothing downloaded or written to disk by the skill itself.
Credentials
The skill declares no environment variables, no primary credential, and no config paths. The runtime instructions require only network access to the specified IP/port, which is consistent with its stated purpose.
Persistence & Privilege
always is false and the skill does not request elevated persistence. The skill is user-invocable and allows normal autonomous invocation by the agent (the platform default) but it does not demand permanent inclusion or modification of other skills.
Assessment
This skill is coherent and lightweight, but consider the trustworthiness of the remote browser operator before use. Any pages you load, cookies, or credentials you type or autofill while using that shared Chromium instance could be observed or intercepted by whoever controls it. Avoid performing sensitive logins, accessing private documents, or sending secrets through the shared browser unless you trust the host. If you need stronger isolation, use a local browser skill or a dedicated browser instance. If unsure, ask the skill author/operator for details about who manages the tailnet host and how session data is isolated or cleaned.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c0fsaxc7nsje3rcgfy6fbph85jdkv
43downloads
0stars
1versions
Updated 1d ago
v1.0.0
MIT-0
@lotfinity
latest
Download

Use the shared remote Chromium/CDP browser over the tailnet.

Default target:

  • CDP base URL: http://100.101.184.33:9223
  • Browser WS endpoint: ws://100.101.184.33:9223/devtools/browser/3fbb2459-85c5-40b5-8d50-6f3c596cf8d5

Preferred connection method:

  • chromium.connectOverCDP("http://100.101.184.33:9223")

Hard rules:

  • Prefer the HTTP CDP base URL over hardcoding the raw WS endpoint when your client supports it.
  • If /json/version reports ws://localhost/..., replace localhost with 100.101.184.33:9223.
  • Verify with a small probe before claiming it works.

Known-good checks already observed on this machine:

  • /json/version responded on http://100.101.184.33:9223
  • CDP WebSocket handshake succeeded
  • Browser.getVersion succeeded
  • live navigation to YouTube succeeded

Use this skill instead of local browser skills when the browser should be shared across agents or reached remotely over the tailnet.

Comments

Loading comments...