Security audit

.Agent Browser Clawdbot.Disabled.20260401 112736

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser-automation skill with real session-data risks, but the access is purpose-aligned and user-directed.

Install only if you are comfortable giving the agent controlled browser-automation access. Prefer isolated sessions over your real Chrome profile, treat auth.json and saved session files like passwords, keep API keys in protected files, do not share or commit browser state, and delete persisted sessions when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs users to save and load browser auth state and exposes commands for reading cookies and local/local storage, but it does not warn that these artifacts can contain session tokens, persistent authentication data, and other secrets. In an AI-agent context, this is especially risky because agents may store, echo, mishandle, or reuse these values across tasks or sessions, enabling account takeover or unintended cross-user access if the saved state files are leaked or reused improperly.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.