Back to skill

Security audit

Oc Browser Automation 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser automation skill, but it gives broad control over real browser sessions with only minimal safety boundaries.

Install only if you want an agent to control a browser. Prefer the default or a separate sandbox profile, avoid using your personal Chrome profile unless you explicitly need logged-in access, and confirm before submitting forms, changing accounts, uploading files, downloading sensitive content, inspecting requests, or capturing logged-in pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger set includes very generic terms such as '浏览器', '浏览网页', and 'browser', which can match ordinary user requests and invoke a powerful browser-automation skill unexpectedly. Because this skill can open pages, click, type, upload, download, and inspect requests, accidental routing increases the chance of unintended web actions or data exposure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises file upload/download and later request/console inspection capabilities, but the documentation provides only minimal safety guidance and does not clearly warn users about privacy, credential, cookie, or local-file exposure risks. In a browser automation context, these features can access sensitive session state or move data between local storage and remote sites, making misuse or accidental disclosure materially more dangerous.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.