ClawHub

Agent Browser Jt

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser automation guide with sensitive but expected capabilities, so users mainly need to handle saved browser state and traffic data carefully.

Install only if you trust the external `agent-browser` npm package. Use it on sites and accounts you are authorized to automate, review actions before submitting forms or changing account data, and protect any saved auth, cookie, storage, screenshot, PDF, or network-output files as potentially sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly documents saving and loading browser auth state, which commonly includes cookies and other session artifacts that can authenticate a user without re-entering credentials. In an agent-oriented automation skill, omitting any warning about treating these files as secrets increases the chance that operators store, share, or commit reusable session data insecurely.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill exposes commands to read and modify cookies and localStorage, both of which often contain session identifiers, CSRF material, feature flags, or user data. In a tool intended for AI agents, presenting these capabilities without guardrails or warnings can normalize extraction or unsafe mutation of sensitive browser-resident data.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documented network inspection and request modification features can expose transmitted credentials, API payloads, and personal data, and can also alter application behavior in ways that bypass normal workflows. Because this skill is specifically for autonomous browser automation, lack of cautionary guidance raises misuse risk and accidental interception or tampering with sensitive traffic.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal