Security audit

Lightcone Browse

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed cloud browser-automation skill, with real privacy and action risks that users should manage deliberately.

Install only if you want an agent to operate a remote browser on your behalf. Avoid credentials, payment details, private account pages, purchases, or irreversible submissions unless you explicitly intend to send that data through the Lightcone cloud automation service and have reviewed the site’s terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The activation text is very broad and can trigger on many ordinary browsing or web-interaction requests, which increases the chance the agent invokes a powerful browser-automation skill when a safer, narrower capability would suffice. Because this skill can navigate sites, scrape content, and fill forms on external services, overbroad activation expands the attack surface for unintended actions, data submission, or account-affecting behavior.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description presents browser automation as a general browsing helper without warning that it may click, type, submit forms, and otherwise affect third-party sites or user accounts. In this context, the tool is inherently capable of state-changing external actions, so missing safety guidance makes accidental credential entry, unwanted submissions, purchases, or policy-violating automation more likely.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.