Open Browser Use

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed browser-automation guidance skill, but it should only be used when you intend to let an agent control a real Chrome profile.

Install this only if you trust the Open Browser Use upstream CLI and extension sources and want an agent to operate your real Chrome profile. Keep it scoped to a chosen Chrome profile, approve sensitive actions explicitly, and avoid exposing the MCP/browser-control interface to untrusted agent runtimes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
This reference explicitly exposes powerful capabilities including browser history access, tab claiming, unrestricted CDP execution, downloads, and clipboard read/write, but it does not pair them with any safety guidance, consent requirements, or least-privilege constraints. In an agent skill, this omission is dangerous because downstream agents may treat these operations as normal and invoke them against sensitive user context, enabling privacy violations, session hijacking, or arbitrary browser-side code execution through CDP.

VirusTotal

59/59 vendors flagged this skill as clean.
