web-browser
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the `agent-browser` CLI via shell execution to perform web interaction tasks such as opening URLs, clicking elements, and filling forms.
- [EXTERNAL_DOWNLOADS]: Performs network requests to arbitrary external URLs as its primary function for web browsing.
- [PROMPT_INJECTION]: The skill processes untrusted web content via the `snapshot` command, which presents a surface for indirect prompt injection.
  * Ingestion points: Web content is read into the agent's context through `agent-browser snapshot` in `SKILL.md`.
  * Boundary markers: No specific delimiters are defined in the instructions to isolate web content.
  * Capability inventory: The skill provides interactive tools like `click`, `fill`, and `type` that could be manipulated by malicious instructions embedded in web pages.
  * Sanitization: Extracted content is not sanitized before being returned to the agent.
Audit Metadata