Control Host Browser
PassAudited by VirusTotal on May 2, 2026.
Overview
Type: OpenClaw Skill Name: control-host-browser Version: 1.0.0 The skill bundle provides a utility for an AI agent to open URLs in a Chrome browser on the host machine using the Chrome DevTools Protocol (CDP). It consists of a shell script (control_host_browser.sh) that creates a new tab via a REST API call and a Python script (cdp_navigate.py) that implements a raw WebSocket handshake to send the navigation command. The code is transparent, lacks obfuscation, and its functionality is strictly limited to the stated purpose of browser control without any indicators of data exfiltration or unauthorized execution.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can open a page in the user's real Chrome browser, which may be visible on the user's machine and may interact with existing browser state.
The script uses Chrome DevTools Protocol to create a tab and navigate it to the provided URL. This is the core purpose of the skill, but it is still browser-control authority that should be used only for user-requested URLs.
RESPONSE=$(curl -s -X PUT "http://172.17.0.1:$PORT/json/new") ... python3 "$SCRIPT_DIR/cdp_navigate.py" "$PORT" "$PAGE_ID" "$URL"
Use only when you explicitly want a link opened in your host browser, and review unusual or sensitive URLs before allowing them.
A URL opened in the main profile could load as the signed-in user for that site, and the visit may appear in browser history or trigger normal website behavior.
The skill defaults to the host machine's main Chrome profile. Pages opened there may use the user's normal logged-in browser sessions even though the code does not directly read credentials.
确认 Profile 名称(默认为 `main`,对应宿主机上的特定用户配置)
Prefer opening only trusted HTTP/HTTPS links, and avoid using this for account-management or transaction URLs unless you intend to act in your own signed-in browser.
The skill may fail or behave differently if Python 3 or curl are unavailable, and the registry metadata does not fully communicate those runtime needs.
The README documents runtime dependencies, while the registry metadata declares no required binaries. This is an under-declared requirement rather than evidence of hidden behavior.
Requirements\n\n- Python 3.x (for `cdp_navigate.py`)\n- `curl` (for tab creation)
Confirm the included scripts and dependencies are present before use, and treat the source as unverified because no homepage or source repository is provided.