chrome-use

Warn

Audited by Socket on Jun 23, 2026

1 alert found:

Anomaly
AnomalyLOW
scripts/proxy.ts

This code is best characterized as an unauthenticated local CDP bridge: it accepts arbitrary JSON messages from any local client that can reach the UNIX socket and forwards method/params directly to Chrome via cdp!.send, including an unauthenticated '__stop' remote shutdown. While it does not itself show network exfiltration or overt malicious payload behavior, the design creates a significant security risk in environments where the socket file permissions or placement are not tightly controlled, since it effectively grants whoever can connect powerful control over the browser/Chrome debugging interface.

Confidence: 72%Severity: 66%
Audit Metadata
Analyzed At
Jun 23, 2026, 12:35 AM
Package URL
pkg:socket/skills-sh/dzianisv%2Fskills%2Fchrome-use%2F@c9734716607f1766cd9a1c8cf6a0ec60e51bacb04d46e263c5d6e7712bd8cb3c
Security Audit — socket — chrome-use