Testagent Browser Setup

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a browser-tool setup helper, but it uses privileged, persistent, and unverified installation steps that users should review before running.

Install only in a disposable or trusted OpenClaw/container environment where root-level browser tooling changes are acceptable. Review the browser-use installer before running it, consider replacing the curl-to-bash step with a pinned verified install, and avoid storing the API key in ~/.bashrc unless you understand the exposure and know how to rotate or remove it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill directs the agent to persist a newly obtained API key into `~/.bashrc` without warning the user that credentials will be stored long-term in a shell startup file. Persistent storage broadens exposure to other local processes, future sessions, accidental disclosure, backups, and shell history or dotfile syncing workflows.

Missing User Warnings

High

Confidence: 99% confidence
Finding: Piping a remote script directly into bash executes unverified code from the network with the current user's privileges, making supply-chain compromise or MITM-style delivery issues immediately exploitable. In a setup skill that is meant to bootstrap tooling on fresh machines, this is especially dangerous because users are likely to run it with elevated privileges and high trust.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal