📦 qa-browser-tester — 实用工具
v1.0.0和 perform exhaustive end--end QA testing web 应用 — clicking every button, filling every form, n...
0· 305·2 当前·2 累计
by @melnikdavid 安全扫描
OpenClaw
可疑
medium confidenceThe skill's instructions largely match its QA purpose, but it asks the agent to run system-level installs, disable Chromium's sandbox, probe system files, and then automatically click/submit everything — behavior that is plausible for exhaustive testing but also risky and lacking safety guards.
评估建议
This skill will install Playwright/Chromium (potentially by running get-pip.py and pip), run system package installs, disable Chromium's sandbox flags, probe system files, and then automatically click and submit everything it finds on the target site. Those actions can be destructive (create/delete data, send emails, trigger payments) and weaken process isolation (no-sandbox). Only run this on an isolated test or staging environment you control. Before running: (1) set BASE_URL to a safe test ta...详细分析 ▾
ℹ 用途与能力
The name/description (exhaustive headless-browser QA) aligns with the instructions: environment detection, installing Playwright/Chromium, and an automated test script. Requiring system package installs and probing the runtime environment (which package manager exists, memory, whether inside Docker) is reasonable for this purpose. However, some instructions (e.g., insistence on specific --no-sandbox flags) reduce process isolation and should be considered risky even if justified for Docker/root scenarios.
⚠ 指令范围
SKILL.md explicitly instructs the agent to run many system commands (apt/apk/curl/get-pip, pip installs), to cat system files (/etc/os-release, /proc/1/cgroup), to print whoami/id, and to report 'ALL output' before proceeding. The test script will click every button and submit every form automatically (including empty/invalid/filled submissions) which can trigger destructive actions (create accounts, send emails, perform deletes or payments) and has no explicit safeguards (dry-run mode, confirmation prompts, whitelist/blacklist, safe HTTP methods, or detection of destructive buttons). Collecting and printing local environment details combined with network installs and automated form submissions increases the chance of unintended or dangerous side effects.
⚠ 安装机制
This is an instruction-only skill (no bundled install), but the runtime instructions direct the agent to install pip (via get-pip.py if needed), pip-install Playwright, and invoke playwright's Chromium installer which downloads large browser binaries from upstream hosts. Those network downloads and package installs will write to the system and may require root. While expected for browser automation, this is higher-risk than an instruction-only skill that only calls existing, preinstalled tools.
ℹ 凭证需求
The skill does not request credentials or environment variables, which is good. It does, however, instruct reading system files and printing identity information (whoami, id) and system state; these actions are reasonable for environment detection but they expose local system details. The skill's operations (installing packages, running browsers with sandbox disabled) can affect the host and are disproportionate if the user expected a lightweight check.
✓ 持久化与权限
The skill is not permanently installed, doesn't declare always:true, and is user-invocable only. It does not request to modify other skills or system-wide agent settings in the provided instructions.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install qa-browser-tester
镜像加速npx clawhub@latest install qa-browser-tester --registry https://cn.longxiaskill.com