ClawHub

SurfAgent Browser Operations

v1.1.0

Core browser operations skill for SurfAgent and similar browser agents, covering tab discipline, perception-first execution, human-like driving, proof rules,...

0· 76·0 current·0 all-time
by@surfagentapp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the SKILL.md content: generic browser/tab hygiene, perception-first loops, and fallback rules. Nothing requested (no env vars, no binaries, no config paths) is out of scope for a browser-operations guide.
Instruction Scope
The instructions stay on-topic (perceive state, act, verify, use screenshots when needed, hand off to platform adapters/MCPs as fallback). One note: the doc recommends escalating to platform adapters or an 'MCP server' when available — those downstream integrations could send page state or screenshots to external services depending on the platform skill used. The SKILL.md itself does not instruct any data exfiltration or reference unrelated files or env vars.
Install Mechanism
No install spec and no code files. Instruction-only skills have minimal install risk because nothing is written to disk by this package.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportional to an instruction-only browser-operations skill.
Persistence & Privilege
always is false, no requests to modify other skills or system configuration. Autonomous invocation is allowed by platform defaults but this skill does not request elevated persistence.
Assessment
This skill is a coherent, low-footprint set of runtime rules for browser automation. Before installing, confirm the platform-specific adapters or MCPs you pair with it are trusted, because while this skill itself doesn't send data out, following its advice to escalate to platform adapters or external MCP servers could cause screenshots or page state (which can include sensitive information) to be transmitted. Test the agent with non-sensitive accounts/pages first, and review any site-specific skills or platform adapters you enable alongside this skill to ensure they don't exfiltrate tokens or private data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97agkes5syrnhvzxzeqjnxh9s84jsf3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧭 Clawdis

Comments