Playwright Browser Automation

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Playwright browser-automation guide, but several of its examples are under-scoped from a security standpoint: it persists authenticated sessions (`storageState` / auth.json) to disk, writes screenshots, PDFs, videos, traces, and downloads that may contain sensitive page content, and sets up persistent passwordless sudo.

Review the guide before installing it. Use isolated browser contexts and dedicated test accounts where possible. Do not store real credentials or a reusable auth.json unless a workflow genuinely needs them, and then keep them out of source control. Write captures and downloads to access-controlled locations and delete sensitive outputs as soon as they have served their purpose. Do not add the passwordless sudoers rules unless you fully understand the local privilege-escalation risk they create.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding
This skill prominently demonstrates saving screenshots, PDFs, videos, downloads, and traces to local disk, which can capture sensitive page contents, personal data, tokens shown in UI, or proprietary documents. In a browser-automation skill, these capabilities are expected, but omitting any warning or guidance about data capture, retention, and destination paths increases the chance of accidental exposure or unsafe storage.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The authentication section includes hard-coded credentials, cookies, localStorage tokens, and persisted `storageState` without any warnings about secret handling. These examples normalize insecure practices such as embedding secrets in code and writing reusable authenticated state to disk, which could enable account takeover if copied into real workflows or if files are exposed.

VirusTotal

0 of 66 vendors detected anything: all 66 VirusTotal engines reported this skill as clean.
