Agent Browser Custom

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser automation skill, but saved browser state, cookies, and storage should be treated like sensitive account credentials.

Install only if you trust the external `agent-browser` CLI. Use test or least-privileged accounts where possible, avoid printing or sharing cookies, localStorage, or saved auth files, do not commit saved state files, and manually review actions that spend money, post publicly, change account settings, or touch production systems.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly instructs users to save and load browser auth state, which typically includes cookies and local/session storage that may contain active session tokens. Without any warning about secret handling, secure storage, scope limitation, or reuse risks, this guidance can lead to credential leakage or unintended account access if the saved state file is exposed.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents commands for reading and modifying cookies and localStorage but does not mention the privacy, security, or session-integrity consequences of doing so. In an agent-oriented automation context, this increases the risk of exposing sensitive browser data, tampering with authenticated state, or normalizing unsafe manipulation of security-relevant client storage.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal