OpenClaw Native Browser

The skill is classified as suspicious due to its broad capabilities that present significant security risks if misused or exploited via prompt injection. Key indicators include the `allowed-tools` declaration in `SKILL.md` granting arbitrary `Bash(python:*)` and `Bash(pip:*)` execution, the ability to execute arbitrary JavaScript (`skill.execute_js`) on any loaded webpage, and explicit functions for handling user credentials (`skill.login_perplexity`, etc.) and accessing/manipulating cookies (`skill.get_cookies`, `skill.set_cookie`). While these features align with the stated purpose of a native browser skill, they provide powerful primitives that could be leveraged for data exfiltration, unauthorized actions, or session hijacking if the agent is compromised, making it a high-risk component.