Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Headful Browser (VNC)

v1.0.2

Headful Chromium with VNC/noVNC operator UI and Chrome CDP exports (cookies, screenshots, outerHTML).

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name and description (headful Chromium with VNC and CDP exports) align with the included scripts and Node exporter. The scripts implement VNC session start/stop, Chrome launch with remote debugging enabled, and Playwright-based export of HTML, screenshots, and cookies, all consistent with the stated purpose.
Instruction Scope
Runtime instructions and scripts read a skill-local .env and use environment variables such as VNC_PASSFILE, REMOTE_DEBUG_PORT, PROXY_URL, OUT_DIR and CHROME_USER_DATA_DIR; these are appropriate for the task. The installer can run package-manager commands, but only after explicit confirmation. The scripts also include a global pkill fallback gated by an explicit ALLOW_CHROME_FORCE_RESTART flag and a --force argument; this is dangerous if enabled, but it is documented.
Install Mechanism
This is instruction/script-only (no install spec). Provided Dockerfile and setup guidance use standard public sources (apt, nodesource, Google Chrome direct URL). The installer prints commands and requires confirmation before privileged operations; no opaque third‑party binary downloads or URL shorteners are used.
Credentials
Requested env vars (VNC_PASSFILE, REMOTE_DEBUG_PORT, PROXY_URL, OUT_DIR, ALLOW_CHROME_FORCE_RESTART, CHROME_USER_DATA_DIR, VNC_IMPLEMENTATION) are reasonable for managing VNC/Chrome sessions and artifact output. No unrelated secrets are requested. There is an inconsistency in the provided metadata: the repository SKILL.md and skill.json declare required_env, but the registry summary at the top of your report showed 'Required env vars: none' — verify registry metadata and the skill-local .env before use.
Persistence & Privilege
The skill is not forced-always, does not request permanent elevated presence, and does not modify other skills. It documents optional systemd/service templates (deployment requires sudo and explicit consent). Autonomous invocation is allowed by default, which is normal, and is not combined with other red flags here.
Assessment
This package appears to implement exactly what it claims: a server-side headful Chromium + VNC environment with CDP-based exports. Before installing or running it:

1. Verify the skill origin. skill.json references a GitHub URL, but the registry metadata shown above lists source/homepage as unknown; confirm the upstream repository and the publisher's trustworthiness.
2. Inspect and create a skill-local .env (chmod 600) so that you, not the package, control paths and flags (VNC_PASSFILE, OUT_DIR, CHROME_USER_DATA_DIR, REMOTE_DEBUG_PORT).
3. Do not expose VNC/noVNC to the public Internet; use SSH tunnels, bind to localhost, or use the documented token gating.
4. Be cautious with the installer's auto-install path: it suggests apt/curl commands that download packages (nodesource, the Google Chrome .deb). Review those commands and run them only on trusted hosts.
5. Avoid enabling ALLOW_CHROME_FORCE_RESTART unless you accept that the fallback may pkill every Chrome process on the host.
6. Run the included smoke test in a sandboxed environment (a container) first.

For higher assurance, check the upstream Git commit history and confirm that the published package matches the upstream repository.
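A pre-flight check that applies steps (2) and (5) to a skill-local .env before anything is launched, as an added example; it is not part of the skill or of the scan report. It uses only the variable names listed above (VNC_PASSFILE, REMOTE_DEBUG_PORT, OUT_DIR, CHROME_USER_DATA_DIR, ALLOW_CHROME_FORCE_RESTART). The 1024-65535 port range, the list of values treated as "enabled", and the sample .env and password file written to a temp directory are the example's own assumptions and constructed data.

```shell
#!/bin/sh
# Pre-flight checks for the skill-local .env before starting the VNC/Chrome
# scripts. Added example, not part of the skill: variable names are the ones
# the scan report lists; thresholds and sample values are this example's own.

# 0 if FILE is a regular file with mode exactly 0600 (owner read/write only).
env_mode_ok() {
    [ -f "$1" ] || return 1
    case "$(ls -ld "$1" | cut -c1-10)" in
        -rw-------) return 0 ;;
        *)          return 1 ;;
    esac
}

# Print the last KEY=VALUE assignment in FILE, minus surrounding double quotes.
# The file is parsed, never sourced, so a .env that contains shell commands
# cannot run them during the check.
env_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# 0 unless ALLOW_CHROME_FORCE_RESTART is set to a truthy value; a truthy value
# arms the global pkill fallback the scan warns about.
force_restart_off() {
    case "$(env_get "$1" ALLOW_CHROME_FORCE_RESTART | tr 'A-Z' 'a-z')" in
        ''|0|false|no|off) return 0 ;;
        *)                 return 1 ;;
    esac
}

# REMOTE_DEBUG_PORT must be an integer in the unprivileged range (example's choice).
debug_port_ok() {
    p=$(env_get "$1" REMOTE_DEBUG_PORT)
    case "$p" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$p" -ge 1024 ] && [ "$p" -le 65535 ]
}

# VNC_PASSFILE must point at an existing file that is also mode 0600.
passfile_ok() {
    pf=$(env_get "$1" VNC_PASSFILE)
    [ -n "$pf" ] && env_mode_ok "$pf"
}

# Run every check, print one FAIL line per problem, return 0 only if all pass.
preflight() {
    rc=0
    env_mode_ok "$1"       || { echo "FAIL: $1 must be a regular file with mode 0600"; rc=1; }
    force_restart_off "$1" || { echo "FAIL: ALLOW_CHROME_FORCE_RESTART is enabled (global pkill fallback)"; rc=1; }
    debug_port_ok "$1"     || { echo "FAIL: REMOTE_DEBUG_PORT must be an integer 1024-65535"; rc=1; }
    passfile_ok "$1"       || { echo "FAIL: VNC_PASSFILE missing or not mode 0600"; rc=1; }
    return "$rc"
}

# Constructed sample: writes a .env and a password file into a temp directory
# and prints the .env path. $1 is the ALLOW_CHROME_FORCE_RESTART value to use.
make_sample_env() {
    d=$(mktemp -d)
    printf 'not-a-real-password\n' > "$d/vncpass"
    chmod 600 "$d/vncpass"
    cat > "$d/.env" <<EOF
VNC_PASSFILE=$d/vncpass
REMOTE_DEBUG_PORT=9222
OUT_DIR=$d/out
CHROME_USER_DATA_DIR=$d/profile
ALLOW_CHROME_FORCE_RESTART=$1
EOF
    chmod 600 "$d/.env"
    echo "$d/.env"
}

# Usage: sh preflight.sh /path/to/skill/.env
if [ "$#" -gt 0 ]; then
    preflight "$1"
fi
```

Run it as `sh preflight.sh /path/to/skill/.env` and refuse to start the session scripts unless it exits 0. The .env is read with sed rather than sourced, so a tampered file cannot execute anything while it is being checked, and the password file gets the same 0600 requirement as the .env itself.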

Like a lobster shell, security has layers — review code before you run it.

latest: vk97abtzgayq4znz40nr03tzshx83qtyt

