Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Browser Use.Conflict
v1.0.0
Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with w...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
SKILL.md describes a browser automation CLI (navigation, clicks, screenshots, cookie export/import, connecting to Chrome via CDP, using real Chrome profiles, cloud provisioning and tunnels). Those capabilities are coherent with the stated purpose, but the package metadata in _meta.json (ownerId, slug, version) does not match the registry metadata provided for this skill (different ownerId/slug/version). That metadata inconsistency is an integrity risk (packaging / provenance mismatch) and reduces trust.
Instruction Scope
Instructions include actions that access sensitive local state: using a real Chrome profile (existing logins/cookies), exporting cookies to JSON, connecting to a local CDP endpoint (ws://localhost:9222), uploading local files, and provisioning cloud browsers / tunnels. These are within a browser-automation tool's scope, but they materially broaden what the skill can access and transmit. Additionally, SKILL.md refers to BROWSER_USE_API_KEY and a 'cloud login' that 'saves API key'—the skill text instructs the agent to read/store credentials, but the skill declared no required env vars or config paths.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code — the runtime risk from install mechanisms is low. However, it assumes a 'browser-use' CLI binary already exists on the host, so the trust shifts to whatever binary is present in the environment.
Credentials
SKILL.md references BROWSER_USE_API_KEY (and a cloud login command that 'saves API key') but requires.env lists nothing. The skill can access local browser profiles, cookies, and local files and can export and send data to cloud browsers or tunnels — these are high-sensitivity capabilities that should have been explicitly declared and justified. The missing declaration of the API key and the ability to read/export cookies/files is disproportionate to the metadata provided and is an information-exposure risk.
Persistence & Privilege
always:false and normal autonomous invocation are used (no 'always' privilege). The SKILL.md does reference saving an API key via 'cloud login' which implies the tool will persist credentials somewhere, but the skill itself does not request permanent platform-level presence or modifications to other skills.
What to consider before installing
This skill appears to be a legitimate browser-automation CLI, but proceed cautiously. Notable red flags: the embedded files (_meta.json) don't match the registry metadata (owner/slug/version), and the instructions reference BROWSER_USE_API_KEY and commands that can access real browser profiles, cookies, local files, and remote tunnels — yet no env vars or config paths are declared. Before installing or allowing this skill to run:
1) verify the source and author (ask for the canonical homepage/repo and confirm the slug/owner/version),
2) ensure the 'browser-use' binary on your system is the genuine tool you expect (check its origin and checksum),
3) avoid using --profile "Default" or any real browser profile during testing (use a disposable profile),
4) do not run cloud connect/tunnel commands or provide API keys until you understand where credentials are stored, and
5) test in an isolated environment (VM/container) if you must exercise commands that export cookies, upload files, or start tunnels.
If the maintainer can explain the metadata discrepancy and explicitly declare where API keys/cookies are stored and transmitted, that would materially increase confidence.
Like a lobster shell, security has layers — review code before you run it.
latestvk977rj4rhdh3n3sftt9h19x1ss84ckpr
