Back to plugin

Security audit

Oh My Browser

Security checks across malware telemetry and agentic risk

Overview

This skill openly gives an AI agent broad access to your logged-in browser, including the ability to read private pages and interact with websites, but the artifacts do not show strong per-site or per-action safeguards.

Use this only if you intentionally want an AI agent to operate your real logged-in browser. Consider a dedicated browser profile with limited accounts, avoid sensitive pages unless necessary, verify the remote installer and omb CLI, and require manual review before the agent submits forms, sends messages, changes settings, purchases anything, or accesses confidential systems.

VirusTotal

67/67 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.install_untrusted_source

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/index.js:86
Evidence
const child = spawn(ombPath, ["--mcp", "--auth-dir", this.authDir], {

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:15
Evidence
const envPath = process.env.OMB_PATH;

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
dist/openclaw.plugin.json:410
Evidence
"default": "http://127.0.0.1:8787",

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
openclaw.plugin.json:410
Evidence
"default": "http://127.0.0.1:8787",