Thundarr Browser
Security checks across malware telemetry and agentic risk
Overview
This is a small web-browsing instruction skill with no included executable code, persistence, credentials, or hidden local access.
Before installing, understand that the package does not include the advertised browse.py implementation, so actual browsing behavior may depend on platform tooling or may not work as described. Treat any web content it returns as untrusted information, especially pages that contain instructions or requests for credentials.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
VirusTotal findings are pending for this skill version.