Back to plugin

Security audit

Patchright Stealth Browser

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed stealth browser automation plugin with sensitive capabilities, but I found no hidden exfiltration, destructive behavior, or purpose-mismatched code.

Install only if you intentionally want a stealth-capable browser automation plugin. It can persist browsing profiles, export httpOnly cookies from its own sessions, use proxies, run page JavaScript, and interact with challenge pages, so avoid using it with accounts or sites where session cookies or automated actions would create unacceptable risk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
dist/index.js:323
Evidence
const fn = new Function(`return (${expr});`);

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
src/index.ts:359
Evidence
const fn = new Function(`return (${expr});`);