Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Manikantasai Playwright Automation

v1.0.0

Browser automation using Playwright API directly. Navigate websites, interact with elements, extract data, take screenshots, generate PDFs, record videos, and automate complex workflows. More reliable than MCP approach.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared purpose (Playwright browser automation) matches the SKILL.md content: navigation, screenshots, PDF, recording, auth, file upload/download. However there is an internal mismatch: SKILL.md and its metadata target Node/npm (npx, npm install playwright) while the package includes a Python example file (examples.py). The registry summary earlier listed no required binaries/env but SKILL.md metadata declares node and npx and an npm install — these inconsistencies reduce confidence that the declared requirements align with the actual implementation.
Instruction Scope
The runtime instructions explicitly direct reading and writing local files (saving screenshots, PDFs, videos, storageState auth.json, uploads via setInputFiles, and saving downloads). They also show how to add credentials (httpCredentials, cookies, localStorage). Those behaviors are expected for browser automation, but they mean the skill will interact with arbitrary filesystem paths and potentially secrets if used with credentials — which expands the attack surface. The SKILL.md does not instruct the agent to exfiltrate data to unknown external endpoints, but it does allow use of credentials and storage files that the agent could access.
Install Mechanism
Installation instructions in SKILL.md use npm/npx and Playwright's installer (well-known registries/tools), which is a common and acceptable install path. There is no download-from-arbitrary-URL pattern. However the registry metadata supplied earlier claimed 'No install spec' while SKILL.md includes an install suggestion — this mismatch is notable and should be clarified.
Credentials
The skill does not request environment variables or credentials in the manifest. The SKILL.md shows how to supply credentials for target sites (httpCredentials, cookies, storageState), which is appropriate for a browser automation tool and does not require extra unrelated credentials. That said, because the skill will read/write local files and may be given site credentials by the user, users should avoid providing highly privileged secrets or system credential files.
Persistence & Privilege
The skill does not set always:true or other elevated persistence flags. disableModelInvocation is not set (default allows invocation), which is normal for an invocable skill. There is no indication the skill will be force-included in all agent runs.
What to consider before installing
This skill appears to be a genuine Playwright how-to, but there are inconsistencies you should clear up before installing: confirm whether the skill is intended for Node (npx/npm) or Python (examples.py), and which install steps the registry expects. Inspect the examples.py to see what it does. When running, use a sandbox or container, avoid giving it access to sensitive system credential files, and don't store production secrets in storageState/auth files used by the skill. If you need to install, prefer installing Playwright in a virtual environment (Node project or Python venv) rather than globally. If anything about the source or purpose is unclear, ask the publisher for clarification or decline until it's resolved.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9715s4nmk10jndrfb8nb74z2n80tf1p


Runtime requirements

🎭 Clawdis
OS: Linux · macOS · Windows
Bins: node, npx
