Back to skill

Security audit

Web Render Screenshot

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it renders HTML or webpages into high-resolution screenshots, with normal caution needed for untrusted remote pages.

Install if you need HTML-to-image or webpage screenshot rendering. Avoid rendering untrusted or sensitive logged-in pages unless you are comfortable with them running JavaScript and making network requests in the execution environment, and expect to install Playwright/Chromium separately if not already available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The script’s interface and description suggest rendering HTML files, but it also accepts arbitrary http/https URLs and loads them in a real browser via Playwright. That expands the trust boundary: attacker-controlled remote pages can trigger outbound network requests, execute JavaScript, and potentially access internal-only endpoints from the agent environment, creating SSRF-style exposure and unintended interaction with live content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.