Skills
skills/openclaw/skills/agent-browser-with-camoufox/Snyk

agent-browser-with-camoufox

Fail

Audited by Snyk on Mar 5, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). The set includes running remote install scripts (astral.sh, sh.rustup.rs) and installing/running binaries from small or low-reputation GitHub repos (daijro/camoufox, browser-use/agent-browser) and instructions to replace system binaries—actions that can execute unreviewed code and are therefore moderately to highly risky.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required install script and SKILL.md explicitly fetch and clone public third-party resources (e.g., git clone https://github.com/browser-use/agent-browser.git, npm install -g agent-browser, uv/pip install camoufox and using camoufox.sync_api to download browser binaries) and then read/modify files such as src/browser.ts or dist/browser.js as part of its workflow, so untrusted external content can be ingested and materially influence code changes and runtime actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill instructs installing and replacing globally‑installed software (npm -g, uv pip --system, copying into $(npm root -g)/agent-browser and running curl|sh), actions that modify system-wide binaries and likely require elevated privileges and thus can compromise the machine state.
Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 5, 2026, 02:12 PM