Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
browser-file-uploa
v1.0.0
Automates file uploads on web pages via agent-browser CLI or Python script, supporting flexible file paths and optional file input selectors.
by @weixizi
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md and Python script clearly require and call the external agent-browser CLI to open pages, click elements, and upload files, but the skill metadata declares no required binaries. That mismatch reduces transparency: agent-browser availability and trustworthiness are essential for this skill to work and to understand its blast radius. The script also resolves OPENCLAW_WORKSPACE and other environment variables even though no environment variables are declared in the metadata.
Instruction Scope
Instructions and the script stay within the stated purpose (navigate to a URL and upload a specified local file). They intentionally support absolute/relative/workspace/env-var paths and will read any file the user points at. The instructions do not direct data to unexpected remote endpoints beyond the target URL, but because the skill invokes the agent-browser CLI (an external tool), that tool will perform the network transfer — you should ensure agent-browser is trusted.
Install Mechanism
There is no install spec (instruction-only style); the skill ships a Python script. Nothing is downloaded or written by an installer. This is the lowest-risk install mechanism, but the included script executes subprocess calls to agent-browser.
Credentials
The metadata claims no required environment variables, yet the script expands arbitrary environment variables (os.path.expandvars, expanduser) and looks up OPENCLAW_WORKSPACE (falling back to ~/.openclaw/workspace). No sensitive credentials are requested, but the skill will use environment values to locate files — the metadata should have declared OPENCLAW_WORKSPACE as a possible config and documented the behavior more explicitly.
Persistence & Privilege
The skill does not request permanent/always-on presence and does not modify other skills or system settings. It runs on demand and invokes external CLI commands; autonomous invocation is allowed by platform defaults but is not requested specially by this skill.
What to consider before installing
This skill appears to do what it says (automate file uploads), but there are a few things to check before installing:
1) The skill relies on the external agent-browser CLI (not declared in metadata) — verify agent-browser is installed and that you trust it, because it will perform the actual network interactions.
2) The Python script will read any local file path you give it (including paths resolved from environment variables or OPENCLAW_WORKSPACE); avoid pointing it at sensitive files.
3) Metadata should declare OPENCLAW_WORKSPACE or other env usage; treat the absence as a transparency issue.
4) As a precaution, run the script with a non-sensitive test file and inspect console output first, or run it in a sandboxed account/environment.
Like a lobster shell, security has layers — review code before you run it.
latest vk9744cpek0ydm93g6fsfgbd28s83pade
