Browser Use

- Added two new reference documents: CDP Python usage and multi-session workflows. - Clarified the distinction between headless mode, connecting to Chrome, and cloud browser usage. - Made tab management commands (`tab list`, `tab new`, `tab switch`, `tab close`) explicit in documentation. - Improved explanations for cloud connection, API key registration, and agent self-registration. - Added instructions for multi-session (parallel browser) usage. - Updated troubleshooting guidance for failed commands and session cleanup.

OpenClaw analysis

The skill's instructions are coherent with a browser-automation tool, but they give the agent powerful, sensitive capabilities (connect to your real Chrome profile, read/set cookies, run arbitrary CDP/JS, upload local files, and use a cloud API key) without clearly declaring or constraining those sensitive accesses.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: browser-use Version: 2.0.1 The bundle provides a powerful browser automation toolset with several high-risk capabilities, including arbitrary Python execution via `browser-use python` and JavaScript execution via `browser-use eval`. It also features commands for exporting session cookies, accessing the user's local Chrome profiles, and establishing network tunnels (`browser-use tunnel`). While these functions are consistent with the stated purpose of advanced web automation and testing, they represent a significant security risk as they could be easily leveraged for data exfiltration or host compromise. Files: SKILL.md, references/cdp-python.md.