Agent Browser Core 1.0.1
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only browser automation skill that clearly warns about its powerful features and tells users to restrict them.
Install only after verifying and pinning the trusted agent-browser package version. Use a dedicated or containerized environment, allowlist only intended domains, block localhost and private networks, and require explicit approval before eval, file access, downloads, proxy/network interception, credentials, cookies, storage, or saved session state are used.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.