Security audit

Control Host Browser

Security checks across malware telemetry and agentic risk

Overview

This skill openly opens user-requested URLs in the user's Chrome browser and does not show hidden persistence, data theft, or destructive behavior.

Install only if you want an agent to open pages in your real Chrome browser. Confirm the exact URL before use, avoid using it around sensitive logged-in sessions, and prefer a dedicated browser profile if you want stronger separation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README explicitly describes controlling the host machine's Chrome instance and navigating it to URLs, but it does not warn about privacy, user-consent, or host-impact risks. In this skill context, that omission matters because the capability affects the real host browser rather than an isolated browser, enabling unintended navigation of a user session, exposure of browsing context, or disruptive interaction with a live desktop environment.

Missing User Warnings

Medium

Confidence: 81% confidence
Finding: The script performs real host-side browser actions—creating a tab and navigating it—without any built-in confirmation, origin display, or user-warning mechanism. In an agent skill context, this increases the risk of silent or unexpected navigation to phishing, tracking, or sensitive internal URLs on the host browser.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal