Browser Gemini Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Gemini browser-automation helper, but it reuses your live Chrome session, so you should treat it as browser-control access.

Install only if you are comfortable letting the agent control your existing Chrome session for Gemini. Prefer a separate Chrome profile or close sensitive tabs before use, and only run it when you explicitly want Gemini browser automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 89% confidence
Finding
The activation text is broad enough to trigger on common browsing or search requests, which can cause the agent to take over the user's existing Chrome session unexpectedly. In this skill, that risk is amplified because it attaches to a live user profile and may interact with already-open tabs, creating a real chance of unintended actions or data exposure.

Missing User Warnings

Medium, 96% confidence
Finding
The skill explicitly uses the user's existing Chrome session via a debug-attached profile, but it does not prominently warn that it will access and control that live session. This is dangerous because the browser context may contain authenticated tabs, sensitive content, and cross-site state, so users may unknowingly grant the agent broad access beyond a simple search action.

VirusTotal

57/57 vendors flagged this skill as clean.