Back to skill

Security audit

Deep Scraper

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Docker-based web scraper, but users should treat it as a powerful scraping tool and review its target scope and dependency hygiene before use.

Install only if you intend to run a Dockerized browser scraper. Use it only on public or explicitly authorized pages, avoid private/internal URLs and authenticated content, review or supply the missing Dockerfile, and update/pin Playwright and Crawlee before building.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill provides a generic `docker run` command that accepts an arbitrary `[TARGET_URL]` without defining allowed targets, trigger conditions, or operator constraints. In a scraping skill explicitly aimed at bypassing protections on platforms like YouTube and X/Twitter, this ambiguity increases the chance of misuse against unauthorized or sensitive third-party targets and makes unsafe invocation by an agent more likely.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill markets itself as able to "penetrate protections" and obtain "interception-level" data from major third-party platforms, but it omits a strong warning about legal, policy, and security risks of network scraping against protected services. That framing makes the context more dangerous, because the absence of explicit safeguards can normalize behavior that bypasses platform defenses or leads operators to collect data they should not access.

Known Vulnerable Dependency: playwright==1.40.0 — 1 advisory(ies): CVE-2025-59288 (Playwright downloads and installs browsers without verifying the authenticity of)

High
Category
Supply Chain
Confidence
96% confidence
Finding
playwright==1.40.0

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.