Clawdbot Agent Browser

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent browser-automation guide, but it relies on an external CLI and can handle authenticated browser state, so users should verify the tool and protect session files.

Install this only if you trust the external agent-browser npm package and repository. Treat auth.json, cookies, screenshots, PDFs, and extracted page content as sensitive, and ask for confirmation before letting the agent perform important actions on logged-in websites.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could submit forms, change settings, or interact with web apps on the user's behalf.

Why it was flagged

The skill exposes browser actions that can click, type, and modify mocked network responses. This is expected for browser automation, but it can cause real effects on websites if used on authenticated or production pages.

Skill content

agent-browser click @e2
agent-browser fill @e3 "text"
agent-browser network route "**/api/*" --body '{"x":1}'

Recommendation

Use it only for user-approved browsing tasks and require explicit confirmation before high-impact actions such as purchases, posts, deletions, or account changes.

What this means

Saved auth files could let someone reuse a logged-in browser session if the files are exposed.

Why it was flagged

The skill documents saving/loading cookies and storage and reading cookies. This is common for browser automation, but those files and values can represent authenticated account access.

Skill content

agent-browser state save auth.json        # Save cookies/storage
agent-browser state load auth.json        # Load (skip login)
agent-browser cookies                     # Get all

Recommendation

Store auth state files securely, avoid committing them to projects, and use separate low-privilege/test accounts when possible.

What this means

Installing the CLI extends trust to the npm package and to the downloaded browser components, both of which sit outside this skill package.

Why it was flagged

The reviewed skill is instruction-only and directs users to install an external global npm CLI and browser dependencies. This setup is expected for the stated purpose, but the external package is not included in the scanned artifacts.

Skill content

npm install -g agent-browser
agent-browser install                     # Download Chromium
agent-browser install --with-deps         # Linux: + system deps

Recommendation

Verify the npm package and upstream repository before installing, consider pinning versions, and install only in an environment where browser automation dependencies are acceptable.