Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Playwright Browser Automation
v2.0.0Browser automation using Playwright API directly. Navigate websites, interact with elements, extract data, take screenshots, generate PDFs, record videos, and automate complex workflows. More reliable than MCP approach.
⭐ 9· 6.8k·52 current·56 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to provide direct Playwright API automation (and explicitly says it's 'more reliable than MCP'), but the bundled examples.py demonstrates using a Playwright MCP server and MCP tool calls. This contradiction could be innocent (leftover example) or indicate mixed/unclear design — the presence of MCP-related examples is not coherent with the stated single-purpose description.
Instruction Scope
SKILL.md contains standard Playwright usage and install instructions only. It instructs installing browsers (npx playwright install ...) and running code that will read/write local files (storageState auth.json, screenshots, videos, downloads, uploads) and may require sudo for system deps. It does not instruct reading arbitrary system secrets or contacting unexpected external endpoints, but the examples include hard-coded credential examples and file paths which imply read/write filesystem access.
Install Mechanism
Install uses the official npm package 'playwright' and recommends npx playwright install for browser binaries — this is a common and expected install path. Note: browser binaries (~100MB each) will be downloaded and native dependencies may require elevated privileges on some systems.
Credentials
The skill declares no required environment variables or credentials (proportionate). However, examples show usage of credentials (HTTP basic auth, cookies, storageState) and file paths for uploads/downloads; those imply the skill will access local filesystem and could hold secrets in files if used. No unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true and doesn't modify other skills or global agent settings. It runs as a normal, user-invocable skill. Installation steps may require sudo for system dependencies, but runtime privileges are not elevated by the skill itself.
What to consider before installing
This skill appears to be an ordinary Playwright automation helper, but there are a few things to check before installing:
- Confirm intent: the skill description promises direct Playwright API usage but the included Python example uses an MCP server. Ask the publisher which mode is intended (direct API vs MCP) — mixed examples can hide unexpected behavior.
- Installation will download sizable browser binaries (chromium/firefox/webkit) and may require sudo for system deps; plan for disk and privileged-install implications.
- The skill will read/write files (screenshots, videos, downloads, storageState/auth.json). Do not point it to sensitive filesystem locations or store secrets in plain files unless you trust the skill.
- Examples show credentials (username/password) in snippets. Treat those as placeholders; never paste real secrets into examples. If you plan to automate authenticated sites, consider using temporary/test credentials and review how auth state files are stored.
- Source is unknown: verify the npm 'playwright' package origin and the skill publisher before granting network/filesystem access. If you need stronger assurance, run the install and execution in a sandboxed environment first or require the publisher to clarify the MCP vs direct-API inconsistency.Like a lobster shell, security has layers — review code before you run it.
latestvk97d7empycz9yke3jfdrfm9rxx80rd3a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🎭 Clawdis
OSLinux · macOS · Windows
Binsnode, npx