Agent Browser Clawdbot 0.1.0

Security checks across malware telemetry and agentic risk

Overview

This is a transparent browser automation skill, but saved sessions and cookie/storage commands should be treated like access to logged-in accounts.

Install only if you trust the external agent-browser package. Use this skill on intended sites, avoid unsupervised actions on real accounts, and protect auth state files, cookies, local storage, screenshots, and PDFs as sensitive data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly encourages saving and loading browser auth state files but does not warn that these files can contain active session cookies, tokens, and storage data. In an agent context, this can lead to credential leakage, unintended session reuse across tasks, or persistence of privileged access if the files are stored insecurely or shared.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The documented cookie and local storage commands enable direct reading and modification of sensitive browser state without any safety guidance. For an AI agent skill, this increases the risk of exposing session identifiers, CSRF tokens, PII, or corrupting application state, especially if the agent operates on real accounts or untrusted sites.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal