ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claude Chrome

v1.0.0

Use Claude Code with Chrome browser extension for web browsing and automation tasks. Alternative to OpenClaw's built-in browser tools.

0· 3.3k·21 current·22 all-time
by@dgriffin831
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the requested artifacts: SKILL.md requires the 'claude' binary and describes using the Claude Code Chrome extension/Chrome on the node. Requiring the claude binary and checking for the native host process is proportionate to the stated goal of driving a local Chrome extension.
!
Instruction Scope
Instructions tell the agent to run nodes.run to execute arbitrary 'claude' commands on a target node, including using the flag --dangerously-skip-permissions (auto-approve all actions). That flag plus advice to be 'aggressive' with automation gives the agent broad ability to click, fill forms, read page contents, and interact with authenticated sessions — potentially exposing cookies, local storage, or other sensitive data. The instructions do not constrain what pages or data are accessed and encourage bypassing user approvals, which increases risk.
Install Mechanism
No install spec or code files — instruction-only skill. Nothing will be written to disk by the skill itself; lowest install risk.
Credentials
No environment variables, no unrelated credentials requested. Requiring the 'claude' binary and an active Chrome + extension is consistent with the functionality. No unexpected secrets or config paths declared.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or access to other skills' configurations. Agent invocation is allowed (default) — combined with the instruction scope concerns this increases blast radius but is not anomalous by itself.
What to consider before installing
This skill is internally consistent with its description, but its runtime guidance to use --dangerously-skip-permissions and run arbitrary 'claude' commands on a node is risky. Before installing, consider: 1) Only run on nodes you fully control and trust; isolate the Chrome profile used for automation (no personal accounts, no saved passwords/cookies you care about). 2) Avoid or audit use of --dangerously-skip-permissions — prefer manual approval of domain permissions when possible. 3) Limit the node's privileges and network access, and do not expose sensitive credentials or services to that node. 4) If you only need scraping or public-page reads, prefer safer tools (e.g., web_fetch) that don't access a full browser profile. 5) If you proceed, monitor activity and be prepared to rotate any secrets that might be exposed. If you want a lower-risk alternative, ask the skill author to remove the recommendation to auto-skip permissions and to provide guarded examples that limit pages/actions and demonstrate safer defaults.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c2gyzyebqzh4p2pycd5cdbd80f6a4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Any binclaude

Comments