Back to skill

Security audit

Bright-Data-MCP-Claude-Skill-deep-research

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Bright Data web-scraping skill, but it needs review because it can automate logged-in browsing, clicking, and persistent sessions without clear user controls.

Install only if you intentionally want Bright Data-powered scraping and browser automation. Set explicit domains, URL counts, and modes before use; avoid logged-in or private pages unless you own or are authorized to use the account; keep interactions read-only unless you explicitly approve them; and assume queries, URLs, and scraped content may be sent to Bright Data and target websites.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill advertises very broad activation phrases such as general research, analysis, and web content tasks, which can cause the agent to invoke a scraping-capable skill for ordinary user requests. Because the skill includes browser automation, extraction, and anti-bot workflows, overly loose routing increases the chance of unnecessary use of high-risk capabilities and bypasses more context-appropriate skills or safeguards.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill operationally enables scraping, browser automation, extraction, and anti-bot protected research, but it does not require a prominent upfront warning or gating step around privacy, terms-of-service compliance, consent, or data sensitivity. In this context, that omission is meaningful because the toolset can collect data at scale and interact with protected or dynamic sites, increasing the risk of misuse against personal data, restricted content, or sites that prohibit automation.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The example explicitly instructs batch scraping of external academic pages but does not warn the user that the workflow will initiate outbound network requests and transmit target URLs/queries to external services. While this is expected for a web-research skill, the lack of transparency can cause unintended data disclosure or surprise network activity, especially if users include sensitive search terms or internal targets.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The template operationalizes scraping, batch collection, and browser automation against arbitrary URLs but omits safeguards about authorization, robots/terms compliance, privacy, rate limiting, and acceptable use. In a skill explicitly designed for web research and scraping, that omission meaningfully increases the risk of misuse against third-party sites, including collection of personal or restricted data and disruptive automated access.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guidance explicitly includes scraping content behind login walls and re-authenticating, but it provides no warning about handling authenticated sessions, protected data, or user consent boundaries. In a browser-automation scraping skill, this increases the chance that an agent will access account-scoped or sensitive content and persist cookies/state without appropriate safeguards.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The modal-closing and page-interaction instructions encourage clicking arbitrary selectors on live sites without warning that automation can trigger state-changing actions such as submitting forms, accepting terms, dismissing consent flows, or performing transactions. Because this skill is designed for automated web research at scale, these omissions make unintended side effects more likely during routine use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.