ClawHub

Playwright CLI Automation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Playwright automation guide, but it needs Review because it encourages authenticated browser automation and saved login state without safety boundaries.

Install only if you intentionally need Playwright-style browser automation. Use it on sites you own or are authorized to test, avoid using saved login state unless you can protect and delete the auth file, and do not commit generated scripts, screenshots, PDFs, or auth.json files that may contain private data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger description is broad enough to activate on many generic browsing, screenshot, crawler, or testing requests that may not actually require this skill. Over-broad activation increases the chance the agent invokes a powerful browser automation capability unnecessarily, which can lead to unintended web interaction, data collection, or execution of sensitive workflows on behalf of the user.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly promotes recording user actions and persisting login state via storage files without any privacy, consent, retention, or secret-handling guidance. In the context of a browser automation skill, this is dangerous because recorded flows, screenshots, and saved storage can capture credentials, session cookies, tokens, and other sensitive data that could enable account takeover or unintended disclosure.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal