ClawHub

Agent Browser Backup

Security checks across malware telemetry and agentic risk

Overview

This is a transparent browser automation skill, but it gives agents powerful access to authenticated browser sessions and saved page artifacts.

Install only if you want an agent to control a browser. Prefer test accounts or isolated browser sessions, avoid sensitive logged-in sites, treat saved state files like credentials, keep screenshots/recordings/traces out of shared paths, and require explicit approval before purchases, posts, deletes, uploads, or account changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly documents saving and loading authenticated browser state (`auth.json`) but provides no warning that the file may contain session cookies or other authentication artifacts that can grant account access if copied or reused. In an agent context, this increases the chance of unintended credential persistence, insecure storage, or exfiltration through logs, workspace sharing, or later tool actions.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation advertises screenshots, PDFs, video recording, cookies, storage inspection, and network request viewing without warning that these features can capture sensitive page content, authentication data, PII, or locally write artifacts containing secrets. For an autonomous agent, silent capture to files or stdout can lead to privacy leakage and unintended retention of confidential data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal