Back to skill

Security audit

Browser Use API

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends browser automation tasks to Browser Use's cloud API, with no evidence of hidden persistence, destructive behavior, or unrelated data access.

Install only if you intend to use Browser Use's cloud service. Do not submit secrets, credentials, regulated data, private internal URLs, or confidential workflows unless your organization has approved Browser Use for that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This skill sends user-provided tasks, and potentially the resulting browsing activity, page content, screenshots, and form interactions, to a third-party cloud browser service, but it does not clearly warn users about that data transfer. In a browser automation context, this omission is meaningful because users may submit sensitive URLs, credentials, internal data, or regulated content without understanding that it leaves the local environment.

External Transmission

Medium
Category
Data Exfiltration
Content
fi

# Submit task
RESPONSE=$(curl -s -X POST "$API_URL/tasks" \
  -H "X-Browser-Use-API-Key: $BROWSER_USE_API_KEY" \
  -H "Content-Type: application/json" \
  -d "{\"task\": $(echo "$TASK" | python3 -c 'import json,sys; print(json.dumps(sys.stdin.read().strip()))')}")
Confidence
94% confidence
Finding
curl -s -X POST "$API_URL/tasks" \ -H "X-Browser-Use-API-Key: $BROWSER_USE_API_KEY" \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.