Security audit

Web-search(Bing-CN)

Security checks across malware telemetry and agentic risk

Overview

The skill’s browser automation and session features fit its stated purpose, but users should be careful with real accounts and saved browser state.

Install only if you want an agent to drive a browser for testing or debugging. Avoid entering sensitive real credentials unless you trust the site and the workflow, do not save or commit auth state files, and be cautious when using persistent profiles or attaching to an existing browser session.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly opens the host browser so the user can log into third-party sites, but it does not warn that this may expose the user to external websites, credential entry risks, tracking, or unintended navigation outside the agent-controlled environment. In this context, the omission matters because the skill is designed to bridge from automated browsing into a real user browser session, which increases privacy and phishing risk if users are not clearly informed.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.