Claude Chrome

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent for browser automation, but it asks users to run Claude with broad auto-approval and lets tasks continue in the background after timeouts.

Install only if you intend to let Claude Code control Chrome noninteractively. Use a dedicated Chrome profile or test account, avoid sensitive logged-in sessions, keep prompts narrow and low-impact, prefer safer built-in browser tools for simple browsing, and know how to monitor or stop background `claude` processes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

High

Confidence: 96% confidence
Finding: The skill explicitly instructs users to run Claude with `--dangerously-skip-permissions` and says to always use it for automated runs, which removes an important safety barrier for browser and system actions. In the context of a browser automation skill, this can enable silent navigation, clicking, form filling, and other actions on sensitive sites without user confirmation, increasing the risk of data exposure, account misuse, and unintended side effects.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal