Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from websites, take screenshots, fill forms, click buttons, or interact with web applications.
Security Analysis
Medium confidence: The skill's documentation describes a browser automation CLI that needs an AI model key and optionally remote service keys and a local Chrome profile, but the package metadata omits those requirements and the actual code is not included; these mismatches and privacy implications are concerning.
The described purpose (browser automation) matches the instructions (navigate, act, extract, screenshot). However the metadata declares no required environment variables or binaries while the docs and setup.json explicitly ask for ANTHROPIC_API_KEY, optionally Browserbase API keys, Chrome, and npm-installed dependencies. That omission is an incoherence: a legitimate implementation would declare those requirements.
SKILL.md/REFERENCE instruct the agent to read .env, use an existing Chrome user profile (.chrome-profile/), save downloads to ./agent/downloads/, and automatically choose remote Browserbase if BROWSERBASE_* keys exist, with the selection made with 'no user prompting'. Those instructions access and persist potentially sensitive data (cookies, sessions, downloads, API keys) and can send traffic to a remote service. The docs also claim use of an Anthropic/Claude model, which requires an API key. The instructions therefore extend beyond simple page navigation into handling credentials and persistent profiles.
The registry shows no install spec (instruction-only), yet setup.json and SKILL.md instruct running `npm install` and `npm link` to create a global 'browser' command. Moreover the skill references source (src/cli.ts) and npm dependencies but no code files or package manifest are present in the package. This mismatch is a red flag — either code is missing from the published bundle or the docs are for an external tool not actually packaged here.
The skill metadata lists no required env vars, but setup/docs require ANTHROPIC_API_KEY and optionally BROWSERBASE_API_KEY and BROWSERBASE_PROJECT_ID. These keys are proportionate to using an LLM backend and a remote browser service, but they are not declared in the skill metadata. Additionally, persisting a Chrome profile and downloads can expose sensitive session cookies or downloaded files; that persistence should be explicit in metadata and user warnings.
The tool is not marked always:true, but the docs intentionally persist .chrome-profile/ and ./agent/downloads/ and recommend preserving session cookies. Persisting profiles and downloads is functionally reasonable for a browser automation tool, but combined with automatic, non-prompted selection of remote mode (if keys are present) and 'stealth' / proxy capabilities in Browserbase mode, this increases the risk surface and should be made explicit to users.
Guidance
Do not install or run the npm commands from this package yet. Key concerns: (1) The package metadata claims no required env vars or binaries, but the docs and setup.json require ANTHROPIC_API_KEY, optional Browserbase API keys, Chrome, and npm dependencies — this inconsistency suggests the published bundle is incomplete or mislabeled. (2) The tool preserves a Chrome profile and saves downloads locally (./agent/downloads/), which can retain cookies, active sessions, and downloaded files — consider privacy implications. (3) Browserbase/remote mode would send browsing activity and page contents to a remote service if BROWSERBASE_* keys are present; the skill claims it will switch to that mode automatically without prompting. (4) The docs instruct running `npm install` and `npm link` for a global CLI but no source/package files are present in the bundle; running these commands from an unknown source could install arbitrary code. Before proceeding, ask the publisher for: (a) the source repository or a verified release tarball (ideally GitHub or official domain), (b) a package.json and full source to inspect, (c) corrected registry metadata that lists required env vars and permissions, and (d) details about what Browserbase is, its privacy policy, and where remote traffic is sent. If you must test: run in an isolated VM/container, do not reuse real browser profiles or credentials, and never expose real ANTHROPIC_API_KEY or other secrets until you have verified the code and origin.
Latest Release
v1.0.1
Initial public release
Published by @peytoncasper on ClawHub