ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

chrome-cdp-skill

v1.0.6

Interact with a local Chrome-family browser session over CDP when the user explicitly asks to inspect, debug, or interact with a page they already have open.

0· 363·0 current·0 all-time
by@web3toolshub
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implemented behaviour: the script opens a local DevTools WebSocket, lists pages, screenshots, evaluates JS, clicks, navigates, and manages per-tab daemons. Required binary (node) and read access to browser DevToolsActivePort files are expected for this purpose.
Instruction Scope
SKILL.md instructs the agent to run the included CLI (scripts/cdp.mjs) which reads DevToolsActivePort files, creates a runtime directory and sockets, and connects to the browser's local CDP WebSocket. This is necessary for operation but also means the skill can inspect and control content in any open tab once remote debugging is enabled; eval/evalraw commands allow executing arbitrary JS inside pages. The SKILL.md explicitly warns about sensitive content.
Install Mechanism
No install spec; instruction-only with a single Node script. Nothing is downloaded from external URLs during install and no package managers are required, so install risk is low.
Credentials
The skill requires only Node and optionally reads environment variables CDP_PORT_FILE and CDP_HOST (documented in SKILL.md) and uses home/XDG dirs for sockets/cache. It does not request secret tokens or unrelated credentials. Access to the user's home directory and runtime dirs is necessary for socket files and caching.
Persistence & Privilege
Does not request always:true and is not force-enabled. It spawns per-tab daemons and writes runtime files under a user-scoped directory; daemons auto-exit after idle. It does not modify other skills or global agent configuration.
Assessment
This skill legitimately controls a local browser via Chrome's DevTools Protocol. Before installing: (1) Confirm you trust the skill source and review scripts/cdp.mjs (it runs locally and will create sockets/files under your home directory). (2) Only enable Chrome remote debugging when you intend to allow this access — remote debugging + eval/evalraw can execute arbitrary JS in pages (including pages where you're logged in). (3) Avoid using it on sensitive or production accounts unless you understand the implications. (4) If you need stronger assurance, run the script in an isolated account or VM and inspect the code for any unexpected network calls or telemetry.
scripts/cdp.mjs:619
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c1phtx5e9vw63bv78csxrrs836tyh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
OSmacOS · Linux · Windows
Binsnode

Comments