Back to skill
Skillv1.0.0
VirusTotal security
Selenium Browser Control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 6:01 AM
- Hash
- d513c3f11a1141b8be7e5a3e02d2f8aac55a08ec8e7e90335fe2ea8164c4441e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: browser-automation-ctrl Version: 1.0.0 The skill bundle provides powerful browser automation capabilities via Selenium, including arbitrary JavaScript execution (`js` command), session cookie extraction (`cookies`), and proxy configuration (`proxy`). While these features are aligned with the stated purpose in `SKILL.md`, they represent a high-risk capability set that could be easily leveraged for data exfiltration or session hijacking if the agent is manipulated. The script `scripts/browser_ctrl.py` includes anti-detection measures (CDP commands to hide the webdriver attribute) and allows the agent to capture and return full page sources and cookies to the caller, which are significant security risks in an agentic environment.
- External report
- View on VirusTotal