Browser Session Isolation — ClawHub Skills Review

Our Problem

Per-session browser isolation without config writes that crash the gateway. We want each OpenClaw session (thread) to get its own isolated browser context (cookies, storage, state).

Tier 1: Best Candidates (local, session-isolated, no cloud dependency)

1. 🏆 agent-browser by @thesethrose

⭐ 762 stars · 171k downloads · 3,400 installs — most popular browser skill on ClawHub

• Session isolation: agent-browser --session <name> creates fully isolated Playwright contexts
• How it works: Rust CLI + Node.js fallback, runs its own Playwright instance independently of OpenClaw's browser
• State persistence: agent-browser state save/load auth.json for reusable auth
• Parallel: Multiple --session contexts can run simultaneously
• Security scan: Benign (high confidence)
• Install: npm i -g agent-browser
• Pros: Battle-tested, fast (Rust), deterministic ref-based interaction, zero OpenClaw config writes, parallel sessions native
• Cons: Separate CLI from OpenClaw browser tool — agents need to learn different commands. Not integrated with OpenClaw's before_tool_call hooks.
• Verdict: 🟢 Top pick for session isolation. Most mature, most installs, clean architecture.

2. browser-secure by @riverho

926 downloads · 0 installs

• Session isolation: Incognito by default, or --profile for named Chrome profiles
• Profile creation: browser-secure profile --create "Name" --launch
• Security: Vault integration (Bitwarden/1Password), approval gates, audit logging, 30-min session timeout
• Security scan: Suspicious (medium) — concern about launchPersistentContext modifying profile data
• Verdict: 🟡 Interesting security model but overkill and unproven (0 installs).

3. ubuntu-browser-session by @linsuisheng034

Security scan: Benign (high confidence)

• One-per-site profile model, Xvfb + noVNC handoff
• Verdict: 🔴 Linux-only — we're on macOS.

4. ghost-browser by @neothelobster

• Python daemon, nodriver (stealth Chrome), profile create/clone/delete
• Security scan: Suspicious — broken packaging
• Verdict: 🔴 Broken packaging, 0 installs.

Tier 2: Cloud Browser Services

5. browserbase-sessions / browserbase

• Each API session is inherently isolated (cloud browser)
• Named contexts for persistent auth, CAPTCHA solving, session recording
• Cost: Paid API required
• Verdict: 🟡 Natural isolation but cloud-dependent + cost.

6. steel-browser / browser-steel

• Each Steel.dev session = fresh browser
• Cost: Steel API key required
• Verdict: 🟡 Cloud-dependent.

Tier 3: Limited / Doesn't Solve Our Problem

7. browser-automation-v2

• Wraps OpenClaw's browser CLI, adds concurrency lock
• Verdict: 🔴 Same underlying OpenClaw browser — doesn't solve config write problem.

8. use-browser

• --session NAME works but designed for social media automation
• Verdict: 🟡 Session isolation works but niche purpose.

9. neo-browser

• CDP + Chrome extension, per-domain API schemas
• Verdict: 🟡 API discovery tool, not session isolation focused.

10. multi-user-privacy

• Per-user subagent routing with memory isolation
• Verdict: 🟡 Session isolation at message level, not browser level.

🏆 Recommendation: agent-browser

1. 762⭐, 3,400+ installs — battle-tested
2. --session <name> = instant isolation — separate cookies/storage per context
3. Zero OpenClaw config writes — no gateway restarts
4. State save/load for persistent auth
5. Rust-fast with Node.js fallback
6. Benign security scan

Plan: Install agent-browser, disable our custom plugin, use --session flag keyed to OpenClaw session IDs. Optionally write a thin before_tool_call hook to translate OpenClaw browser calls → agent-browser calls.