← Back to Skills Marketplace
yungookim

OpenClaw Native Browser

by KimY · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
887
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-browser-2
Description
A stable native browser (WKWebView) for OpenClaw agents. Opens a visible window with tab management, URL bar, and login helpers — every website works, includ...
Usage Guidance
This skill looks like a real native browser wrapper, but it asks you to download and pip-install code from an external GitHub repo and to modify your OpenClaw config and local files. Before installing: 1) review the repository source (https://github.com/yungookim/openclaw-browser) to confirm the code is trustworthy; 2) note that pip install -e . and setup scripts can execute arbitrary code — prefer running in an isolated environment or VM; 3) confirm you are on macOS (WKWebView) and that 'git' is available; 4) be cautious about providing account credentials to the login helpers (they persist cookies/sessions) — avoid reusing high-value credentials; 5) back up ~/.openclaw/openclaw.json before modifying it. If you cannot inspect the repo source or run it in isolation, consider this skill risky.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-browser-2 Version: 0.1.0 The skill is classified as suspicious due to its broad capabilities that present significant security risks if misused or exploited via prompt injection. Key indicators include the `allowed-tools` declaration in `SKILL.md` granting arbitrary `Bash(python:*)` and `Bash(pip:*)` execution, the ability to execute arbitrary JavaScript (`skill.execute_js`) on any loaded webpage, and explicit functions for handling user credentials (`skill.login_perplexity`, etc.) and accessing/manipulating cookies (`skill.get_cookies`, `skill.set_cookie`). While these features align with the stated purpose of a native browser skill, they provide powerful primitives that could be leveraged for data exfiltration, unauthorized actions, or session hijacking if the agent is compromised, making it a high-risk component.
Capability Assessment
Purpose & Capability
The name/description (native WKWebView browser for interacting with websites) matches the SKILL.md content. However, the skill's declared requirements list only python3 and pip while the instructions use git clone and expect a macOS WKWebView runtime; the registry metadata does not restrict OS to macOS even though WKWebView is macOS-specific. The need to clone and pip-install a repo is reasonable for a non-trivial browser wrapper, but the omission of 'git' from required binaries and the lack of an explicit macOS restriction are incoherent.
Instruction Scope
The SKILL.md explicitly instructs the user/agent to clone a GitHub repo and pip install it, to edit ~/.openclaw/openclaw.json to disable built-in web tools, and to use login helpers that will accept and persist user credentials/cookies. Those steps modify user config and the local filesystem and enable credentialed logins; they go beyond a simple read-only integration and are not declared in the registry metadata (no required config paths or env vars). The instructions also hard-code user paths (e.g., /Users/<username>/clawd), which may be brittle and could lead to unexpected file writes.
Install Mechanism
Although the registry lists no install spec, the SKILL.md tells you to git clone https://github.com/yungookim/openclaw-browser.git and run pip install -e ., which will execute arbitrary Python installation logic from an external repo. GitHub is a known host but the owner is not verified here; pip installing editable local code can run arbitrary code on install. The install step is not tracked in the registry metadata, increasing the risk surface.
Credentials
The skill declares no required environment variables or config paths, yet its runtime behavior expects persistent cookies, login helpers that accept email/password for multiple services (ChatGPT, Claude, etc.), and editing of ~/.openclaw/openclaw.json. Those are sensitive actions (credential handling, config modification, local persistence) that should be clearly declared. Also, login helpers imply the skill will handle secrets but no guidance is provided about secure storage or where cookies/credentials are kept.
Persistence & Privilege
The skill runs a persistent singleton browser process with persistent cookies and sessions and instructs editing OpenClaw's config to route web tasks through it. While it does not set always: true, it still requests long-lived local state and alters global OpenClaw configuration — privileges that affect other agent behavior. This cross-cutting modification increases the blast radius if the installed code is untrusted.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-browser-2
  3. After installation, invoke the skill by name or use /openclaw-browser-2
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release introducing a stable, native macOS browser (WKWebView) for OpenClaw agents. - Replaces previous relay/browser controls with a real native WKWebView window for full website compatibility. - Enables visible browser with tab management, URL bar, and login helpers for major AI sites (Perplexity, Grok, Claude, ChatGPT). - Supports navigation, interaction, JavaScript execution, screenshot capture, and persistent multi-site sessions. - Provides a Python API for loading URLs, interacting with pages and forms, tab management, and authentication flows. - Offers installation, setup, and configuration instructions, including how to disable built-in web tools for seamless use. - Requires macOS 10.14+, Python 3.12+, and pywebview 5.1 or newer.
Metadata
Slug openclaw-browser-2
Version 0.1.0
License
All-time Installs 4
Active Installs 3
Total Versions 1
Frequently Asked Questions

What is OpenClaw Native Browser?

A stable native browser (WKWebView) for OpenClaw agents. Opens a visible window with tab management, URL bar, and login helpers — every website works, includ... It is an AI Agent Skill for Claude Code / OpenClaw, with 887 downloads so far.

How do I install OpenClaw Native Browser?

Run "/install openclaw-browser-2" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Native Browser free?

Yes, OpenClaw Native Browser is completely free (open-source). You can download, install and use it at no cost.

Which platforms does OpenClaw Native Browser support?

OpenClaw Native Browser is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Native Browser?

It is built and maintained by KimY (@yungookim); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments