chrome-cdp 安全扫描报告 — 可信 | ClawSafe

5 /100

chrome-cdp

让AI访问已打开的Chrome标签页

Legitimate Chrome Remote Debugging Protocol tool with all capabilities properly declared in documentation.

技能名称chrome-cdp

分析耗时30.0s

引擎pi

✓

可以安装

Skill is safe for use. No malicious indicators found.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	index.js:4 reads path module, reads SKILL.md
命令执行	`WRITE`	`WRITE`	✓ 一致	index.js:16 uses execSync('node scripts/cdp.mjs ...')
浏览器	`READ\|WRITE`	`READ\|WRITE`	✓ 一致	CDP operations: listTabs, snap, html (read); click, type, navigate (write)
网络访问	`NONE`	`NONE`	—	No external network calls - only local Chrome CDP via localhost

1 项发现

🔗

中危外部 URL 外部 URL

https://mail.google.com/...

SKILL.md:76

目录结构

4 文件 · 9.1 KB · 388 行

Markdown 2f · 184L JavaScript 1f · 176L JSON 1f · 28L

├─ 📋 _meta.json JSON 28L · 885 B

├─ 📜 index.js JavaScript 176L · 4.2 KB

├─ 📝 README.md Markdown 60L · 1.2 KB

└─ 📝 SKILL.md Markdown 124L · 2.8 KB

✓ All shell execution declared in SKILL.md usage examples

✓ JavaScript evaluation capability explicitly documented

✓ No credential harvesting or sensitive path access

✓ No base64 encoding, obfuscation, or anti-analysis patterns

✓ No external C2 or data exfiltration channels

✓ Simple, readable codebase with clear purpose

✓ Uses official Chrome Remote Debugging Protocol