ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claw Browser Automation

v1.0.0

A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured co...

0· 69·1 current·1 all-time
by@zhangsaizz·fork of @thesethrose/agent-browser (0.2.0)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (browser automation) matches the instructions (agent-browser CLI commands). Requiring node/npm is appropriate. Minor mismatch: the description highlights a "Rust-based" binary with Node fallback, but SKILL.md only shows npm/pnpm install paths and no Rust build instructions — this may be marketing or reflect a prebuilt Rust binary shipped via npm, but it is worth verifying upstream.
!
Instruction Scope
Instructions are focused on web automation (navigate, snapshot, click, fill, screenshots, video, cookies, storage). These actions inherently allow reading site cookies/localStorage, uploading files, setting headers/credentials, and recording sessions — all expected for this purpose but also capable of exposing sensitive data. The SKILL.md does not direct unrelated file/credential reads, but an agent using these commands could exfiltrate data from pages or upload local files if given access.
Install Mechanism
The skill is instruction-only (no install spec). SKILL.md recommends installing agent-browser from npm or building from GitHub (vercel-labs/agent-browser). Installing an external npm package is normal but carries the usual third-party package risk — you should verify the npm package and GitHub repo before installing.
Credentials
The skill declares no required environment variables or config paths and only needs node/npm binaries. SKILL.md shows runtime commands that accept credentials/headers as parameters (e.g., HTTP basic auth) but these are invoked at runtime rather than requiring new env secrets. No disproportionate environment or credential access is requested by the skill bundle itself.
Persistence & Privilege
always:false and no install-time persistence is requested by the skill. It does not ask to modify other skills or system-wide settings. Autonomous model invocation is allowed (default) — combine this with the CLI's data-access capabilities when deciding whether to allow autonomous runs.
What to consider before installing
This skill is an instruction-only wrapper that tells an agent how to use the third-party agent-browser CLI. Before installing or invoking it: 1) Verify the upstream package/repo (npm package name, maintainer, GitHub repository) and read its release artifacts — the SKILL.md references vercel-labs/agent-browser but the skill's metadata has mismatched owner/version info, so confirm authenticity. 2) Be aware the CLI can read cookies, localStorage, take screenshots, record video, set headers, and upload files — any of these can leak sensitive data if misused. 3) If you plan to let agents run autonomously, run the CLI in an isolated environment (VM/container) or restrict agent permissions and review command logs. 4) Prefer installing from well-known, trusted sources and inspect the npm package contents before granting it access to sensitive pages or local files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fk5q6s8bbptkq013rkx0e7x83avtb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binsnode, npm

Comments