Remote Chrome CDP

Security checks across malware telemetry and agentic risk

Overview

This is a browser automation skill whose sensitive browser access is expected for its purpose, though users should handle logged-in sessions carefully.

Install only if you want an agent to control a browser for testing or inspection. Avoid attaching it to your everyday logged-in browser or sensitive accounts unless you intend that access; prefer temporary or dedicated profiles, keep CDP bound to localhost, and delete saved auth state files when done.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill enables remote browser control, JavaScript execution, screenshots, and use of a real Chrome profile, but does not meaningfully warn about exposure of cookies, authenticated sessions, synced profile data, and sensitive page contents. In context, the guidance to use a real profile and expose CDP over a forwarded port materially increases the risk of privacy compromise and account/session abuse if the port or tunnel is misused.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal