Back to skill
Skillv1.0.0
VirusTotal security
Agent Browser Skipped · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:42 AM
- Hash
- 96bbcc947d37628137e60cc57ecd9a9cfd7293847662df42c9c1ad34abcc598f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-browser-skipped Version: 1.0.0 The skill provides a comprehensive wrapper for the 'agent-browser' CLI, enabling extensive browser automation. It is classified as suspicious because it includes several high-risk capabilities such as arbitrary JavaScript execution ('eval'), access to sensitive session data ('cookies', 'storage'), and network request interception ('network route'). While these features are plausibly needed for the stated purpose of web automation and form testing, they provide a significant attack surface for data exfiltration or unauthorized actions if the AI agent is targeted by prompt injection. The skill correctly references the legitimate 'vercel-labs/agent-browser' repository for its core functionality.
- External report
- View on VirusTotal