
Security audit

Agent Browser 0.2.0

Security checks across malware telemetry and agentic risk

Overview

This is a transparent browser automation wrapper with sensitive but expected capabilities, so it should be used carefully on logged-in sites and private files.

Install only if you trust the upstream agent-browser CLI. Use it for explicit browsing, testing, or data-extraction tasks; confirm uploads and high-impact form submissions; avoid exposing private files or secrets; and delete or protect saved auth state, screenshots, PDFs, traces, and recordings that may contain sensitive page or session data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill documents screenshots, PDFs, and video recording without warning that these commands persist potentially sensitive page contents to disk. In an agent context, this can capture credentials, personal data, internal documents, or authenticated application state and leave recoverable artifacts on the host.

Missing User Warnings

Medium
Confidence: 95%
Finding
Saving and loading authentication state without prominently warning about token and session sensitivity encourages insecure handling of reusable authenticated artifacts. If the saved state file is exposed, another party may be able to hijack a live session and access protected resources without re-authenticating.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill exposes commands for setting credentials and reading cookies/localStorage without privacy or secret-handling guidance. In an agent workflow, these features can directly access or manipulate authentication material and other sensitive user data, increasing the risk of credential leakage or unintended exfiltration.

VirusTotal

66/66 vendors flagged this skill as clean.
