browser-read-x

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed browser-page text extractor for X/Twitter. It carries a privacy risk if the user runs it on a sensitive page, but there is no evidence of hidden exfiltration or persistence.

Install only if you are comfortable with a tool that can read and return text from the currently open browser page. Use it on the X/Twitter post or article you intend to extract, and avoid running it on private messages, email, account settings, internal tools, or other sensitive pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
This script extracts the full visible page text, metadata, and current URL from whatever page is open and returns it to the caller with no in-skill consent check, origin restriction, or data minimization. In an agent setting, that can expose sensitive information from authenticated pages, private posts, DMs, account data, or other browser-visible content beyond the user's likely expectation for a 'read X post/article' helper.

VirusTotal

66/66 vendors flagged this skill as clean.
