Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Browser
v0.1.0Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.
⭐ 23· 5.1k·27 current·29 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (browser automation: navigation, form-filling, screenshots, extraction) align with the provided SKILL.md, reference docs, and bash templates. The scripts and examples use only the agent-browser CLI and local file operations consistent with the stated purpose; there are no unrelated service credentials, binaries, or install steps requested.
Instruction Scope
Instructions include full automation flows, saving/loading session state files (which contain cookies/localStorage), proxy configuration (including examples with credentials in proxy URLs), OAuth/SSO handling, and file uploads. These actions are expected for a browser automation tool, but they involve handling sensitive data (session tokens, credentials) and can be used for large-scale scraping. The SKILL.md and templates do not instruct the agent to exfiltrate data to third-party endpoints, but they do show how to persist and load state files and print/access page text to local files.
Install Mechanism
Instruction-only skill with no install spec and no downloaded code. The only code present are local bash templates and markdown references; nothing is fetched or extracted from remote URLs during install, which is low risk.
Credentials
The skill declares no required environment variables or primary credential. Reference docs recommend using environment variables for credentials and show proxy env var usage (HTTP_PROXY/HTTPS_PROXY/ALL_PROXY). Those recommendations are reasonable for the use case but involve sensitive data (proxy auth credentials, usernames/passwords) and should be applied cautiously. No unrelated secrets or broad credentials are requested by the skill itself.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or modify other skills. It documents saving/loading session state files under user control; this is normal for session-management but increases responsibility for users to protect those files.
Assessment
This skill appears to be what it says: a CLI-driven browser automation toolkit. Before installing or using it, consider the following: (1) Saved session state files contain cookies and tokens — treat them as secrets (don't commit them to repos; delete after use). (2) Proxy configuration examples include credentials in environment variables or URLs; only use trusted proxies and avoid embedding long-lived credentials. (3) The templates enable scraping and proxy rotation; ensure you have legal/ethical authorization for any automated scraping you perform. (4) The skill runs commands that can read/write local files (state files, screenshots, extracted text); review any scripts you run and where they write output. (5) Autonomous invocation is allowed by default (agent can invoke the skill), which is normal, but if you plan to allow the agent to act on private accounts, review access controls and restrict use to short-lived/test credentials where possible.Like a lobster shell, security has layers — review code before you run it.
latestvk97ahtzk2jh9ds6vdjy45akc9x8056pv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.