browser-use
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with the
api.browser-use.comdomain to manage browser sessions and execute tasks. This is a well-known service for browser automation and the interaction is necessary for the skill's stated purpose. - [COMMAND_EXECUTION]: Documentation includes
curlcommands for API interaction and agatewayconfiguration command to link the agent to the remote browser. These are standard integration steps. - [CREDENTIALS_UNSAFE]: API keys are managed through configuration variables (
skills.entries.browser-use.apiKey) and are not hardcoded within the skill source. - [PROMPT_INJECTION]: The skill processes external data which represents a surface for indirect prompt injection. Ingestion points: User-provided
taskprompt and web content loaded via the provisioned browser. Boundary markers: None identified in the documentation. Capability inventory: Remote browser control and configuration updates via thegatewaytool. Sanitization: Not specified in the skill code. This risk is inherent to browser automation functionality and is noted for situational awareness.
Audit Metadata