Security audit

Chrome Web Automation

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is not malicious, but it needs review because it can control an authenticated live Chrome session without clear confirmation rules for sensitive actions.

Install only if you are comfortable letting an agent inspect and operate your current Chrome session. Keep unrelated sensitive tabs closed, scope tasks to a specific site or tab, and require explicit confirmation before submitting forms, sending messages, purchasing, changing account settings, uploading files, or deleting data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly operates on a user's live Chrome session, where it can click, type, submit forms, and capture screenshots, but it does not warn about side effects such as modifying browser state, submitting data, changing account settings, or exposing sensitive page contents. In this context, the omission increases the risk of unintended actions on authenticated sessions and can lead to privacy or integrity issues if the user is not clearly informed before use.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.