Back to skill

Security audit

sjht-web-screenshot

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Puppeteer screenshot skill for user-selected web pages, including logged-in SPAs, with handling risks around credentials and saved screenshots but no evidence of hidden or malicious behavior.

Install only if you need automated web screenshots. Use test or least-privileged accounts, avoid putting real passwords in reusable config files or version control, store outputs in an approved private directory, and review screenshots and result.json before sharing. Use storeLogin only for apps you control and when you understand the exact store method being invoked.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documentation explicitly shows plaintext credentials in the config and describes automated login flows, but provides no warning about secret handling, storage, or leakage risks. In practice, users may paste real credentials into JSON files, shell history, logs, agent traces, or shared artifacts, increasing the chance of credential disclosure and downstream unauthorized access.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill states that it writes screenshots and result.json metadata to disk but does not warn that these artifacts may contain sensitive application content, internal URLs, titles, or authenticated views. Because the tool is designed for local or remote web apps, including login-required SPAs, it can easily persist confidential data to disk where it may be exposed to other users, backups, or later exfiltration.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.