Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
This skill will attach to and control an existing Chrome browser (including whatever accounts are logged in) by asking you to enable remote debugging and potentially open network access on port 9222. That effectively exposes cookies, session tokens, and any pages open in the browser to the agent/remote hosts. Before installing or running it:
- Only use with a disposable or dedicated Chrome profile that contains no sensitive accounts or cookies. Do NOT attach your primary browser/profile.
- Pr...
Detailed analysis
ℹ Purpose and capabilities
The name/description (remote control of Chrome via DevTools/CDP) match the SKILL.md: navigation, element interactions, snapshots, etc., legitimately require a DevTools connection. However the instructions also promote attaching to an already-logged-in 'boss' Chrome, SSRF whitelist tweaks, and remote (LAN) CDP access — capabilities that go beyond simple browsing automation and require elevated access to user sessions.
⚠ Instruction scope
The SKILL.md explicitly instructs operators to enable Chrome remote debugging, possibly set --remote-allow-origins=*, open firewall port 9222, and connect over ws://<ip>:9222. It references the user's OpenClaw config path and instructs attaching to an existing logged-in browser (access to cookies, auth sessions). Those steps expose sensitive browser state and network surfaces and are not limited in scope by the manifest.
✓ Installation mechanism
This is an instruction-only skill with no install spec and no code files. Nothing will be written or downloaded by the skill itself, which reduces install-time risk.
⚠ Credential requirements
No environment variables or credentials are declared, yet the skill relies on unrestricted access to the user's existing Chrome session and to the OpenClaw config path. That implicit requirement (reading/controlling a logged-in browser) is high-privilege and not explicitly surfaced in the manifest or rationale.
⚠ Persistence and permissions
The skill recommends persistent platform configuration changes (openclaw.json SSRF whitelist, enabling remote debugging, firewall rules) that can create long-lived network exposure. The skill itself is not always:true, but its recommended configuration changes raise the risk of persistent privilege expansion and external access to the browser session.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest  v1.0.1  2026/3/25
● Suspicious
Install command
Official: npx clawhub@latest install browser-mcp
Mirror (accelerated): npx clawhub@latest install browser-mcp --registry https://cn.longxiaskill.com