my-browser-bot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser automation skill, but it gives agents broad web control without clear safety boundaries for sensitive or state-changing actions.

Install only if you are comfortable letting an agent control a browser. Use explicit instructions and review before submitting forms, logging in, accepting dialogs, downloading files, taking screenshots, or extracting content from private/account pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The activation description is extremely broad ('interact with websites' and 'automating any browser task'), which can cause an agent to invoke this skill for high-risk actions such as logging in, submitting forms, downloading files, or exfiltrating page contents without clear gating. In an agent ecosystem, over-broad routing increases the chance of unsafe autonomous web actions being selected in contexts where additional confirmation or narrower tooling should be required.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation normalizes powerful actions like clicking submit buttons, downloading files, taking screenshots, and extracting page text/HTML/markdown without any warning about consent, privacy, or side effects. Because this skill is designed for autonomous browser control, the lack of warnings and confirmation requirements makes accidental data leakage, unintended transactions, unsafe file retrieval, and capture of sensitive on-screen information substantially more likely.

VirusTotal

65/65 vendors flagged this skill as clean.
