Back to skill

Security audit

skill test

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser automation skill, but it exposes powerful browser-session features that users should handle carefully.

Install only if you need full browser automation and trust the upstream agent-browser package. Prefer test accounts or dedicated browser sessions, avoid printing cookies or storage values, keep saved state files such as auth.json out of repositories, and delete screenshots, PDFs, recordings, traces, and saved sessions when they are no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly exposes commands for reading and persisting cookies, localStorage, HTTP credentials, and session state, but provides no safety guidance about handling secrets or authenticated browser state. In an agent setting, this can lead to unintended disclosure of tokens, cookies, or reusable login state to logs, files, or downstream tools.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The documented screenshot, PDF, and recording commands create files on disk, but the skill does not warn that these artifacts may contain sensitive page contents, credentials, or internal data. In automated environments, such artifacts can be retained, uploaded, or accessed later without the user's awareness.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.