ClawHub

patchright-stealth-browsing

Security checks across malware telemetry and agentic risk

Overview

This skill openly teaches stealth browser automation against anti-bot protections and includes cookie/session handling, so users should review it carefully before installing.

Install only if you have a legitimate, authorized need to test or automate systems you control. Treat cookie export/import as sensitive account access, avoid using it on third-party protected services without permission, and make sure the private MCP server and any stored browser sessions are tightly controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly promotes stealth browser automation to bypass bot detection from providers like Cloudflare, Akamai, and Datadome, but provides no compliance, authorization, or abuse-prevention framing. In the context of an agent skill, this omission is dangerous because it normalizes evasive access to protected sites and enables automated misuse at scale.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly supports reading, writing, and clearing browser cookies to preserve or restore authenticated sessions, but it does not clearly warn users about the privacy and account-security implications. This can enable silent reuse or manipulation of authentication state, increasing the risk of unintended access to user accounts or session leakage.

Ssd 4

High
Confidence
97% confidence
Finding
The opening description frames the capability as a normal automation skill while stating that it provides guidance for remaining undetected. That is a direct evasion objective, and in an agent-executable context it materially increases the risk of credential stuffing, scraping, fraud, or unauthorized access workflows against protected services.

Ssd 2

High
Confidence
95% confidence
Finding
The description uses softened operational language ('perform stealth browser automation') to conceal that the actual purpose is bypassing anti-bot protections. This kind of euphemistic framing can help harmful capability pass as benign tooling, making it more likely to be adopted for abusive automation.

Ssd 4

High
Confidence
98% confidence
Finding
The usage section lays out an operational workflow for using stealth tooling on protected targets, overcoming context limitations, optimizing form input, synchronizing waits, and handling anti-bot blockers, captchas, and timeouts. This is not incidental documentation; it is actionable enablement for bypassing site defenses and sustaining automated access under countermeasures.

Ssd 2

Medium
Confidence
98% confidence
Finding
The skill is expressly designed to perform stealth browser automation to bypass anti-bot protections from services like Cloudflare, Akamai, and Datadome. In context, this is not neutral browser automation guidance; it is operational enablement for evading defensive controls that websites use to prevent abuse, scraping, credential attacks, and other unauthorized automation.

Ssd 2

Medium
Confidence
97% confidence
Finding
The guidance to override headless settings, rotate user agents, and vary viewport/device characteristics specifically to prevent fingerprint-based blocking provides concrete evasion techniques. Combined with the skill's stated purpose of stealth browsing, this materially increases its usefulness for defeating website security controls and conducting unauthorized automated access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal