Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Se Browser Automation

v1.0.0

Browser automation patterns and best practices for OpenClaw browser control. Use when navigating web apps, filling forms, clicking elements, or extracting da...

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for boris148/se-browser-automation.

Install the skill "Se Browser Automation" (boris148/se-browser-automation) from ClawHub.
Skill page: https://clawhub.ai/boris148/se-browser-automation
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install se-browser-automation

ClawHub CLI

npx clawhub@latest install se-browser-automation

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability

Name and description (browser automation for SPAs, iframes, forms, etc.) align with the SKILL.md content: navigation, snapshot/act, screenshots, iframe handling, and SPA tips are all coherent with a browser automation helper.

[!] Instruction Scope

Most instructions stay within browser automation, but the Login Flows step 'Handle 2FA (check email, enter code)' implies access to the user's email or external accounts. The skill does not declare how to obtain email access or credentials, nor does it instruct the agent to prompt the user — this is scope creep that could require broader access than stated.

Install Mechanism

Instruction-only skill with no install spec or code files. This is low-risk from an install/extraction perspective.

[!] Credentials

The skill declares no required environment variables or credentials, but instructions referencing checking email/entering 2FA codes suggest it may need access to email accounts or other credentials. That capability is not requested or explained, creating a proportionality mismatch.

Persistence & Privilege

always is false, there is no install modifying other skills or system-wide settings, and autonomous invocation is the platform default. Nothing here requests elevated or permanent presence.

What to consider before installing

This skill appears to be a straightforward browser-automation guide and is largely coherent, but before installing or using it you should:

  1. Ask the skill author or platform how 2FA 'check email' is expected to work — will the agent access your email account autonomously, or will it prompt you to copy/paste codes? Never provide email credentials unless absolutely necessary and you trust the implementation.
  2. Confirm what the 'openclaw' profile implies (privileges, which browser gateway is used, whether scripts run in a sandbox).
  3. Be aware the skill suggests executing JavaScript (evaluate) on visited pages — that is normal for automation but can expose sensitive data if you direct it to financial, identity, or admin consoles.
  4. If you want to limit risk, require manual entry of credentials/2FA codes at runtime and avoid granting persistent access to external accounts.

If the author clarifies that 2FA is handled manually or via user prompts, the remaining issues are minor and the skill is likely usable.

Like a lobster shell, security has layers — review code before you run it.

latestvk97555kc6qzst2xyw98vjtmv5s83mzyk
289 downloads
0 stars
1 version
Updated 1mo ago
v1.0.0
MIT-0

Browser Automation Skill

Profile

  • Use profile: openclaw for all automated browsing
  • Browser is managed by OpenClaw gateway

Core Patterns

Navigation

  • Use browser navigate with direct URLs when possible (faster than clicking through menus)
  • Always sleep 4-6 seconds after navigation — SPAs load content asynchronously
  • If page seems blank, try screenshot first — content may be rendered but not in DOM snapshot

Element Interaction

  • Use snapshot to get element refs, then act with refs
  • For iframe content: use frame parameter in snapshot
  • If compact snapshot misses content, try full snapshot or screenshot
  • GHL and complex SPAs often render in iframes — check both main page and iframe

Screenshots vs Snapshots

  • Snapshot — DOM tree, good for finding clickable refs
  • Screenshot — Visual image, good for understanding what's actually on screen
  • When snapshot shows empty/minimal content but screenshot shows a full page → content is in iframe or shadow DOM

Login Flows

  1. Navigate to login page
  2. Snapshot to find form fields
  3. Click + type credentials
  4. Handle 2FA (check email, enter code)
  5. Wait for redirect (sleep 4-6 seconds)
  6. Verify logged in via screenshot

Common Issues

  • Popups/modals blocking → Press Escape
  • Lazy-loaded content → Wait longer, refresh, or navigate directly via URL
  • iframe content → Use frame parameter or evaluate JS to find iframe
  • evaluate function errors → No const, let, or arrow functions. Use var and function(){} syntax.
  • ref required errors → Must use ref from snapshot, can't use text selectors
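
An added example (not part of the skill or of OpenClaw) for the iframe and evaluate items above: an ES5-only helper that inventories a page's iframes and returns metadata only, so no frame content leaves the page. The names listFrames and sampleDoc and the returned field names are hypothetical; how the function is handed to evaluate depends on the OpenClaw browser tool and is not shown.

```javascript
// ES5 only (var / function(){}), matching the evaluate restriction above.
// In a browser, pass the page's `document`. Returns one plain record per
// iframe: metadata only, never the frame's content.
function listFrames(doc) {
  var frames = doc.getElementsByTagName('iframe');
  var out = [];
  for (var i = 0; i < frames.length; i++) {
    var f = frames[i];
    var rec = {
      index: i,
      id: f.id || '',
      name: f.name || '',
      src: f.src || '',
      sameOrigin: false,
      title: ''
    };
    try {
      // Cross-origin frames expose no document: contentDocument is null
      // and reading contentWindow.document throws a SecurityError.
      var inner = f.contentDocument || f.contentWindow.document;
      if (inner) {
        rec.sameOrigin = true;
        rec.title = inner.title || '';
      }
    } catch (e) {
      rec.sameOrigin = false; // treat as opaque; use the frame parameter instead
    }
    out.push(rec);
  }
  return out;
}

// Constructed stand-in for a page with one same-origin and one
// cross-origin iframe, so the helper can be run outside a browser.
var sampleDoc = {
  getElementsByTagName: function (tag) {
    if (tag !== 'iframe') { return []; }
    return [
      { id: 'app', name: '', src: 'https://site.example/app',
        contentDocument: { title: 'Dashboard' } },
      { id: '', name: 'pay', src: 'https://other.example/x',
        contentDocument: null,
        contentWindow: { get document() { throw new Error('SecurityError'); } } }
    ];
  }
};
```

A record with sameOrigin set to false marks a frame the main-page script cannot read, which is the case where the snapshot's frame parameter is needed.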

SPA-Specific Tips

  • SPAs don't fully reload on navigation — URL changes but DOM updates incrementally
  • Some content only appears after JavaScript execution
  • If clicking a link doesn't work, try navigating directly to the URL
  • F5 refresh can help when SPA state gets stuck
