Agent Browser Clawdbot.Disabled

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser-automation guide, but saved browser state and cookie/storage output should be treated like credentials.

Install this only if you trust the external agent-browser CLI and need agent-driven browser automation. Treat saved state files, cookies, and localStorage output as secrets: do not commit, share, log, or reuse them across sensitive accounts unless the session is isolated and authorized.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium, 88% confidence
Finding
The skill explicitly recommends saving and loading browser auth state without warning that these files can contain session cookies, local storage, and other authentication artifacts. In an agent-driven environment, that omission can lead users or downstream agents to persist reusable credentials to insecure locations, increasing the risk of account takeover or lateral movement if the files are exposed.

Missing User Warnings

Medium, 84% confidence
Finding
The documentation exposes cookie and storage inspection/modification capabilities without any privacy or secret-handling guidance. Because these interfaces can reveal or alter session tokens, PII, and application secrets, an agent may over-collect or mishandle sensitive browser data during automation, especially when operating across authenticated sessions.

Missing User Warnings

Medium, 90% confidence
Finding
The skill recommends saving and loading browser auth state but does not warn that these files may contain session cookies, tokens, and other sensitive local/session storage artifacts. In an agent setting, this can lead to accidental persistence, sharing, or exfiltration of reusable authenticated state, especially if files are stored in insecure locations or committed to repositories.

Missing User Warnings

Medium, 87% confidence
Finding
The documented cookie and storage commands expose direct access to sensitive browser data, including session identifiers, CSRF tokens, and persisted secrets, without any cautionary guidance. In a skill meant for AI agents, this increases the chance that an agent will read, modify, or disclose sensitive state in logs, outputs, or downstream tools.

VirusTotal

64/64 vendors flagged this skill as clean.
