record-demo
Warn
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script intended to modify the local environment by replacing a Chromium binary with a custom-generated wrapper. This wrapper script injects the
--no-sandbox,--disable-gpu, and--disable-dev-shm-usageflags to bypass the browser's default security sandbox mechanisms, allowing it to run in headless or root-access environments. - [EXTERNAL_DOWNLOADS]: The instructions direct the agent to install external software including the
vhsutility, the@apify/mcpcpackage, and the@modelcontextprotocol/server-filesystemNPM package. These dependencies are retrieved from established and well-known services (NPM and GitHub).
Audit Metadata