Back to skill

Security audit

Smooth Browser

Security checks across malware telemetry and agentic risk

Overview

This browser automation skill is useful and coherent, but it gives an external service broad authority over authenticated browsing, persistent sessions, file transfer, and in-page JavaScript without enough upfront scoping or consent guidance.

Install only if you are comfortable using Smooth as an external browser automation service. Use separate profiles per site, prefer read-only or no-profile sessions for low-risk work, set allowed URL scopes where possible, avoid uploading secrets or confidential documents, delete uploaded files and profiles when done, and require explicit confirmation before login, account-changing actions, JavaScript execution, or file transfer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger description is extremely broad for a high-capability browser automation skill and can match many ordinary user requests involving websites, forms, scraping, login, or testing. That increases the chance the skill is invoked in situations where persistent sessions, credential use, file handling, or agentic web actions occur without sufficiently explicit user intent or least-privilege constraints.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill prominently supports authentication, persistent profiles, cookie/session reuse, file upload/download, live-view login flows, and data export, but it does not present a clear upfront privacy and persistence warning before those capabilities are introduced. Users or calling agents may therefore expose credentials, cookies, personal data, or downloaded documents without understanding that state can persist across sessions and profiles.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.