browser-use-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): Documentation recommends installing standard, well-known libraries (
browser-use,langchain-anthropic,playwright) from the official PyPI registry. - [COMMAND_EXECUTION] (SAFE): Example shell scripts perform routine tasks such as setting file permissions (
chmod +x), installing packages, and managing local browser processes (taskkill.exe) for debugging purposes. - [DATA_EXFILTRATION] (SAFE): The documentation uses standard placeholders for API keys (e.g., 'sk-ant-...') and correctly recommends the use of environment variables for secret management.
- [Indirect Prompt Injection] (SAFE): The skill describes an architecture for browser agents which, by design, ingests untrusted web data. While this creates a vulnerability surface for indirect prompt injection, the documentation is for the library itself and not a specific malicious implementation.
- Ingestion points: The
Agentclass inapi-reference.mdis designed to navigate and extract data from external websites. - Boundary markers: Examples do not explicitly demonstrate prompt delimitation for ingested content.
- Capability inventory: The agent has capabilities to
click,type, andnavigateas defined in theControlleractions. - Sanitization: The reference docs do not provide specific sanitization logic, as that is typically implementation-dependent.
Audit Metadata