FastPlayWright Skill

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate browser automation skill, but it gives an agent broad web, session, form-submission, JavaScript, and local-file upload power without enough user-facing boundaries.

Install only if you want an agent to control a browser. Use isolated profiles where possible, avoid connecting it to sensitive logged-in sessions, review every file upload and form submission, and pin or audit the npm package before use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill documents a file upload capability using an absolute local path but does not warn that invoking it can transmit local files from the agent host to a remote website. In an agent setting, this creates a real data exfiltration risk because users or downstream agents may treat the example as routine automation and upload sensitive local documents unintentionally.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation includes login and form submission workflows with example credentials and personal data but does not warn that these actions may send secrets, credentials, or PII to external sites. In a browser automation skill, this omission is security-relevant because it normalizes automated submission of sensitive data and increases the chance that an agent will forward real credentials or personal information without sufficient user awareness or approval.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal