bb-browser
Fail
Audited by Snyk on Jun 13, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). This tool intentionally exposes Chrome DevTools (CDP) to execute arbitrary JS/fetch in authenticated tabs and (via OpenClaw) can access HTTP‑only cookies and session data, enabling credential theft, data exfiltration, and supply‑chain abuse through community adapters and auto‑update.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Outsider free text can be ingested because bb-browser site <platform>/<command> and bb-browser open/fetch at runtime load third-party web pages/APIs (e.g., Reddit/Twitter/etc.) and then return their page-derived text/JSON into the agent’s LLM context.
Issues (2)
E006
CRITICAL Malicious code pattern detected in skill scripts.
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata