web-access
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates a local proxy server (scripts/cdp-proxy.mjs) to interface with Chrome via CDP. The server is securely bound to the loopback address (127.0.0.1), ensuring it is not accessible from the network.
- [SAFE]: Detailed instructions in SKILL.md establish a clear trust boundary, informing the agent that all data retrieved from the web (DOM, search results, etc.) is untrusted and must be processed as data rather than instructions.
- [SAFE]: The skill implements a secure file upload workflow requiring a specific staging directory (web-access-upload-staging) and user confirmation, which prevents the unauthorized exfiltration of arbitrary local files.
- [SAFE]: Runtime execution of JavaScript in the browser is used legitimately for web navigation and data extraction, with explicit warnings against executing untrusted scripts found on web pages.