bb-browser-openclaw

SUSPICIOUS: the skill's main behavior is mostly aligned with its stated purpose, but it has a broader trust and data-access footprint than a simple website helper. The biggest concerns are community adapter updates, wildcard bb-browser execution, and authenticated scraping across many sites using browser login state. No clear evidence of credential theft or malicious exfiltration to unrelated endpoints was shown, so this looks like a medium-risk, high-sensitivity browser automation skill rather than confirmed malware.