A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured commands.
Security Analysis
high confidenceThe skill is an instruction-only wrapper for an agent-browser CLI and its declared requirements (node/npm and an npm-installable CLI) match the documented behavior — nothing in the skill files requests unrelated credentials or system access.
The name and description claim a headless browser CLI wrapper and the SKILL.md exclusively documents how to install and use an agent-browser CLI. Required binaries (node, npm) and the npm install instructions are consistent with building/using a Node-distributed CLI. There are no unrelated credentials, binaries, or config paths requested.
The runtime instructions direct the agent to run agent-browser CLI commands (open, snapshot, click, fill, screenshot, record, etc.). They do not instruct the agent to read arbitrary local files, environment variables, or other system configuration beyond invoking the CLI. Note: because the CLI automates arbitrary web pages and can capture screenshots, upload files, and record video, those features can expose user data if used against sensitive sites — but that capability is coherent with a browser automation tool.
This is an instruction-only skill with no embedded install spec; SKILL.md instructs the user/agent to install via npm (npm install -g agent-browser) or build from a GitHub repo. That is a normal distribution mechanism, but it means the actual code comes from npm/GitHub — verify the npm package and repository provenance before installing globally. Because no install artifacts are bundled with the skill, the security posture depends on the external package source.
The skill does not request environment variables, keys, or config paths. Requesting node and npm is appropriate for a Node-distributed CLI. There are no unrelated credential requests or excessive environment access declared.
The skill does not request always:true or any persistent elevated privileges. It is user-invocable and allows normal autonomous invocation (platform default). There is no indication it attempts to modify other skills or system-wide agent settings.
Guidance
This skill appears to be a straightforward wrapper around an agent-browser CLI and is internally consistent. Before installing or invoking it: 1) Verify the npm package and GitHub repository (author, package contents, recent releases) to ensure you trust the upstream code; 2) Prefer installing in a sandbox or container rather than globally if you are unsure; 3) Be mindful that the CLI can navigate arbitrary sites, capture screenshots, upload files, and record video — avoid running it against accounts or pages containing sensitive data unless you trust the CLI and the agent's commands; 4) If you want stronger guarantees, inspect the agent-browser package source (or vendor a vetted binary) before usage. Overall, nothing in the SKILL.md requests unrelated secrets or system access.
Latest Release
v0.2.0
**Big update: Expanded documentation and new contribution guidelines.** - Added a CONTRIBUTING.md file with guidelines for contributors. - Significantly revised and expanded SKILL.md: - Clearer structure, concise “Quick start,” and streamlined “Core workflow.” - Added or reorganized sections: video recording, mouse control, semantic locators, browser settings, cookies/storage, network, tabs, frames, dialogs, JS, and session state management. - More comprehensive examples and improved command explanations. - Introduced allowed-tools field in SKILL.md for clearer operational context.
More by @TheSethRose
Published by @TheSethRose on ClawHub
