SmoothBrowser

Security checks across malware telemetry and agentic risk

Overview

SmoothBrowser appears legitimate, but it gives an agent broad control over web browsing, logins, files, JavaScript, and saved sessions without enough clear approval boundaries.

Install only if you are comfortable letting Smooth, a third-party browser automation provider, operate websites on your behalf. Prefer anonymous or read-only sessions, restrict allowed URLs when possible, avoid uploading sensitive files unless necessary, and require explicit approval before reusing logged-in profiles, submitting forms, posting content, purchasing, downloading private data, or changing account settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrases and description are broad enough that the skill may be invoked for almost any web-related task, including sensitive workflows like login, form filling, scraping, and account actions. In an agent ecosystem, overbroad routing increases the chance of unintended browser automation on live sites, which can expose credentials, submit forms, or perform state-changing actions without sufficiently narrow user intent matching.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explicitly supports persistent profiles, authenticated sessions, file upload/download, cookies, local storage, and saved browser state, but does not present an explicit privacy and data-retention warning before use. This is dangerous because agents may store credentials, session cookies, uploaded documents, and downloaded sensitive files across sessions, creating risk of unintended retention, cross-task reuse, or disclosure of personal or confidential data.

VirusTotal

66/66 vendors flagged this skill as clean.
