← Back to Skills Marketplace
Passo - Remote Browser Access
by
Felipe Goulu
· GitHub ↗
· v1.0.0
593
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install passo
Description
Enables secure remote access to a browser on your server for manual tasks like logins, 2FA, and captchas via a protected URL.
Usage Guidance
This skill is coherent with its stated purpose but carries real risk. Before installing: (1) inspect the install.sh contents (do not run curl | bash without review); (2) test in an isolated VM or disposable server, not a production host; (3) confirm the legitimacy and privacy policy of getpasso.app and what data it stores and shares; (4) assume any remote user with access can view cookies, sessions, and 2FA flows — only grant access to trusted people and revoke immediately after use; (5) prefer a self‑hosted or audited installer, and consider alternatives that don't expose a full browser session to third parties.
Capability Analysis
Type: OpenClaw Skill
Name: passo
Version: 1.0.0
The skill is suspicious due to the installation method specified in `SKILL.md`. It instructs the agent to execute an external script directly via `curl -fsSL ... | bash` from `https://raw.githubusercontent.com/felipegoulu/passo-client/main/install.sh`. This constitutes a critical remote code execution (RCE) vulnerability and a direct prompt injection against the agent, as it allows arbitrary, unreviewed code from an untrusted external source to be executed on the host system. While the stated purpose of 'Remote Browser Access' is not inherently malicious, this installation method poses a significant supply chain risk and could lead to data exfiltration, persistence, or other harmful actions if the external script were compromised or designed with malicious intent.
Capability Assessment
Purpose & Capability
Name/description align with the SKILL.md: it intends to install a local browser tunnel and provide a protected URL for manual actions. The extra step of signing up at getpasso.app and installing Chromium/VNC is coherent with that purpose, though those external dependencies are not declared in registry metadata.
Instruction Scope
The instructions tell an operator to run a remote install script (curl https://raw.githubusercontent.com/.../install.sh | bash) which will install browser/VNC and create a tunnel. That script will contact getpasso.app and prompt account signup; the instructions therefore create network-exposed remote access to a full browser session (cookies, logins, 2FA) which is a significant data‑exposure risk. The SKILL.md does not show the install script contents or what it transmits/authorizes.
Install Mechanism
No install spec is in the skill bundle, but the runtime instructions explicitly direct piping a script from GitHub raw into bash. Even though GitHub is a known host, piping remote scripts to shell is high risk because arbitrary code will be executed on the host; the install will also add heavy system components (Chromium, VNC, tunnel) that increase attack surface.
Credentials
The skill itself does not request environment variables or credentials. However, it requires sign-up at getpasso.app and uses Google sign-in for access control; that implies external authentication and possible data collection by the service. The skill does not declare what account data or tokens the external service will store or how long access persists.
Persistence & Privilege
The skill does not request always:true, does not include code that modifies other skills, and is instruction-only. It does, however, create persistent system services on the host via the external installer (per the README), so installation will change the host but that behavior is described in the instructions.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install passo - After installation, invoke the skill by name or use
/passo - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Passo 1.0.0 initial release
- Launches remote browser access via a secure, server-hosted tunnel.
- Enables trusted users to perform manual actions (logins, 2FA, captchas) in a browser on your server.
- Easy installation with automatic setup of required dependencies.
- Simple command-line control: start, stop, and status.
- 30-day free trial, then $5/month subscription.
Metadata
Frequently Asked Questions
What is Passo - Remote Browser Access?
Enables secure remote access to a browser on your server for manual tasks like logins, 2FA, and captchas via a protected URL. It is an AI Agent Skill for Claude Code / OpenClaw, with 593 downloads so far.
How do I install Passo - Remote Browser Access?
Run "/install passo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Passo - Remote Browser Access free?
Yes, Passo - Remote Browser Access is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Passo - Remote Browser Access support?
Passo - Remote Browser Access is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Passo - Remote Browser Access?
It is built and maintained by Felipe Goulu (@felipegoulu); the current version is v1.0.0.
More Skills