Back to skill

Security audit

BrowserOS CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser-automation skill whose powerful browser controls match its stated purpose, though users should supervise actions on logged-in or sensitive sites.

Install this only if you trust BrowserOS CLI and the BrowserOS app. Use it carefully on logged-in, financial, admin, or sensitive sites, and require confirmation before submitting forms, making purchases, posting content, uploading or downloading files, deleting history/bookmarks, changing account settings, or running eval-style JavaScript.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly enables actions such as clicking, filling forms, submitting data, managing bookmarks/history/tabs, uploads, downloads, and destructive history/bookmark operations, but it does not clearly warn that these actions can change browser/account state or transmit sensitive user data. In a browser-automation skill, this omission is meaningful because an agent may use the skill in authenticated sessions, making accidental submissions, purchases, preference changes, or data disclosure more likely.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.