remini-web
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes Chromium via the Playwright library to automate web interactions. This is the intended and documented behavior of the tool.
- [DATA_EXFILTRATION] (SAFE): While the script uploads local images to a remote URL (app.remini.ai), this is the core functionality of the service. No evidence of unauthorized data access (e.g., SSH keys, credentials) or exfiltration to unknown domains was found.
- [EXTERNAL_DOWNLOADS] (LOW): The skill requires the 'playwright' Python package and Chromium browser binaries. These are standard dependencies from trusted sources (Microsoft/Playwright).
- [INDIRECT_PROMPT_INJECTION] (LOW): The script processes local image files and CLI arguments. While it interacts with external web content, the automation is limited to specific UI selectors and does not involve processing untrusted natural language instructions into agent logic.
Audit Metadata