Skills
skills/aws-samples/sample-strands-agent-with-agentcore/browser-automation/Gen Agent Trust Hub

browser-automation

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill documentation correctly describes the usage of browser automation tools for UI interaction and data extraction without any malicious overrides or suspicious commands.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design. 1. Ingestion points: browser_get_page_info and browser_act ingest content from arbitrary external URLs. 2. Boundary markers: The skill does not provide specific instructions to the agent on how to delimit or ignore instructions found within the scraped web content. 3. Capability inventory: The skill utilizes browser_act for UI interactions and browser_save_screenshot for file operations. 4. Sanitization: No sanitization or verification of the external web content is mentioned in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 02:12 PM