Wayne Agent Browser

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser automation helper, but users should treat saved sessions, cookies, storage, and captured network data as sensitive.

Before installing, verify that the npm package is the intended agent-browser package. Use least-privilege or test accounts where possible, do not commit or share saved auth JSON files, avoid printing cookies/storage/network payloads into logs, and use traffic mocking only when authorized.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill documents `state save` and `state load` as convenience features for skipping login flows, but does not warn that the saved file can contain sensitive authentication material such as cookies and browser storage. In an agent context, this can lead to credential persistence on disk, accidental reuse across tasks, or exfiltration if the file is stored insecurely or shared.

Missing User Warnings

Medium
Confidence: 86%
Finding
The skill exposes commands for reading and setting cookies and local storage without any caution about handling secrets, session identifiers, or personal data. Because this skill is intended for AI agents, normalizing direct access to browser secrets increases the chance of leakage, unauthorized session manipulation, or persistence of sensitive data in logs and transcripts.

Missing User Warnings

Medium
Confidence: 84%
Finding
The documented network inspection and route-mocking features enable viewing requests and altering responses, but the skill provides no warning about exposure of API tokens, request bodies, or the risks of tampering with live traffic. In an agent-operated browser, these capabilities can facilitate sensitive data capture or unsafe request manipulation if used on production systems or untrusted workflows.

VirusTotal

65/65 vendors flagged this skill as clean.
