Agent Browser Core.Bak
Security checks across malware telemetry and agentic risk
Overview
This documentation-only skill is coherent for browser automation, but users should verify the external CLI and handle credentials, saved sessions, and high-risk browser controls carefully.
Install only if you are comfortable giving an agent controlled browser automation ability. Verify the external agent-browser package before installing, use a dedicated browser profile or container, restrict target domains, and require explicit approval for eval, file access, downloads, credentials, cookies, storage, proxy, or network-routing commands.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved too broadly, the agent could execute page scripts, write downloads, alter browser state, or inspect/manipulate traffic while acting in the browser.
The skill documents high-impact browser, filesystem, credential, and network controls. This is expected for a browser automation playbook and is explicitly labeled as requiring approval.
Sensitive / explicit approval - `eval` (arbitrary JS execution) - `download <selector> <path>` (writes to disk) - `set credentials`, `cookies`, `storage` ... - `network route` / `network requests` ... - `--allow-file-access`
Use the documented safe mode: approve high-risk commands only for a specific site, action, and time window.
The agent may be able to act as the signed-in user on target websites.
The skill may use authenticated browser sessions or profiles. That is purpose-aligned for web automation but gives the agent delegated access to the user's web accounts.
Required inputs - Installed agent-browser CLI and browser runtime. - Target URLs and workflow steps. - Session or profile strategy if authentication is required.
Use dedicated or temporary browser profiles, approve only the intended sites, and avoid giving access to unrelated accounts.
A user could install or trust the wrong external package if they do not independently verify the CLI source and version.
The skill is instruction-only, but it points users toward an external CLI while the supplied provenance and identity metadata are incomplete or inconsistent.
Source: unknown; Homepage: none; No install spec ... Registry slug: agent-browser-core-bak, version: 1.0.0 ... _meta.json slug: agent-browser-core, version: 1.0.1
Confirm the npm package, publisher, version, and project source before installing; prefer a container or dedicated environment as the skill suggests.
Saved state files could allow later tasks or anyone with file access to reuse signed-in sessions.
Saved browser state can persist authentication and browsing context across future runs. The skill acknowledges this sensitivity and recommends treating state files as secrets.
Log in once and `state save`. Reuse with `state load` in later runs. Treat state files as secrets and rotate when needed.
Store state files securely, use task-specific state where possible, rotate or delete them after use, and avoid reusing state across unrelated tasks.