browser-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill interacts with external URLs and web content, representing an inherent attack surface for indirect prompt injection. This is consistent with its primary purpose and is mitigated by instructions for manual approval. 1. Ingestion points: Web pages, console logs, and network traffic via the browser. 2. Boundary markers: Absent in the documentation. 3. Capability inventory: Full browser automation (navigation, clicks, data entry). 4. Sanitization: Relies on user review and manual approval checkpoints.
- [Prompt Injection] (SAFE): No instructions to override system prompts or bypass safety guardrails were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access or hardcoded credential exposure patterns were found.
Audit Metadata