Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with w...
Security Analysis
medium confidenceThe skill's instructions match a browser-automation tool, but they explicitly allow copying your real Chrome profile (cookies/logins/extensions) and running tasks in the cloud, which can expose sensitive data—review origin and runtime behavior before installing.
The name and description (browser automation: navigation, clicking, screenshots, extraction) align with the commands in SKILL.md. Features like headless Chromium, remote/cloud browser, and CLI-driven interactions are coherent with the stated purpose. However, the documented ability to copy a user's real Chrome profile (cookies, logins, extensions) is a more sensitive capability than typical simple automation and should be considered an elevated privilege for this purpose.
The SKILL.md explicitly instructs the CLI to access local browser profiles (mentions copying your actual Chrome profile and a persistent CLI profile path ~/.config/browseruse/profiles/cli/). It also documents a 'remote' cloud mode and a command to 'run agent in cloud', which implies sending page content and possibly profile-derived data off-host. These instructions permit reading and transmitting sensitive local data (cookies, logins, extensions, site content) beyond basic page interaction.
There is no install specification (instruction-only), which reduces surface area for arbitrary install-time code. However, the SKILL.md expects a native CLI binary 'browser-use' to be installed; the skill provides a GitHub README link but no packaged install source or verification. You should verify the origin and integrity of the 'browser-use' binary before use.
The skill declares no required env vars, but the instructions access sensitive local data (browser profiles, cookies, logins) and reference profile paths. Requesting implicit access to user browser profiles is high privilege relative to the simple automation description and is not explicitly surfaced as a required credential or permission—this mismatch is concerning.
The skill is not marked 'always: true' and uses the platform default that allows autonomous invocation. It does not request to modify other skills or system-wide agent settings in the SKILL.md. Note: autonomous invocation plus the sensitive capabilities above increases potential impact if misused, but autonomous invocation on its own is normal.
Guidance
This skill appears to provide a legitimate browser-automation CLI, but it includes features that can access and transmit sensitive browser data. Before installing or enabling it: 1) Verify the source and integrity of the 'browser-use' binary (check the linked GitHub repo, release signatures, and maintainers). 2) Avoid using the --browser real or --profile options unless you fully trust the tool—those options copy cookies/logins/extensions. Prefer headless Chromium with a fresh profile for testing. 3) Treat 'remote' cloud mode as data exfiltration unless you know the cloud provider, storage, and privacy policy; avoid sending private pages or credentials to the cloud. 4) Run any untrusted binary in an isolated VM/container if you need to test it. 5) If you plan to let an agent invoke this skill autonomously, restrict scope and monitor activity logs; revoke access if you see unexpected profile/credential access. If you want higher confidence, ask the skill author for the installation package, release signatures, and more detail on what files/paths the CLI reads and what data is transmitted to remote services.
Latest Release
v1.0.2
- Documentation reworked and simplified for clarity and easier reference. - Audience broadened: Skill now addresses general browser automation, not just sandboxed/cloud use. - Install modes, tunnel setup, and environment variable explanations are removed for a more concise guide. - New dedicated sections for browser modes, session management, essential commands, and Python execution. - Updated and better-organized CLI command reference. - Usage examples and options for real/Chromium/cloud browsers are clarified with practical guidance. - For full advanced setup details, directs users to the official README.
More by @ShawnPana
Published by @ShawnPana on ClawHub
