Back to skill

Security audit

stealthy-auto-browse

Security checks across malware telemetry and agentic risk

Overview

This is a powerful but clearly documented browser automation skill for authorized testing, with misuse risks that are disclosed and bounded by setup guidance.

Install only for legitimate authorized testing. Keep the API and noVNC bound to localhost, set a strong AUTH_TOKEN, avoid query-string tokens, pin and review container image digests, use isolated test accounts, restrict egress to approved targets where possible, and avoid the websearch example for sensitive queries or providers that do not permit automated access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
81% confidence
Finding
The skill is presented as authorized QA and defensive anti-bot testing, but it also includes documented workflows for automated multi-engine web searching, scraping result pages, and extracting AI overviews. In a tool explicitly optimized to evade automation detection, that mismatch materially expands misuse potential into stealth scraping and unauthorized data collection against third-party services.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.