Browser Automation
Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from websites, take screenshots, fill forms, click buttons, or interact with web applications.
暂无可比对内容
需要至少一个上一版本,才能生成差异对比。
Security Scan
状态
suspicious
OpenClaw
gpt-5-mini
OpenClaw 分析
The skill's documentation describes a browser automation CLI that needs an AI model key and optionally remote service keys and a local Chrome profile, but the package metadata omits those requirements and the actual code is not included — these mismatches and privacy implications are concerning.
置信度: medium
VirusTotal
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill is classified as suspicious due to several high-risk capabilities, even though it does not explicitly instruct malicious actions. The `SKILL.md` explicitly allows the `Bash` tool, granting the AI agent arbitrary command execution. The `REFERENCE.md` details that the browser has 'full network access' and uses a 'persistent profile (`.chrome-profile/`)' which can store 'saved passwords and cookies,' creating a potential vector for credential access or exfiltration if combined with Bash commands. Additionally, the skill can download arbitrary files to `./agent/downloads/`, which could then be executed by the agent using the allowed Bash tool.