gologin-local-agent-browser-skill
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing the
gologin-local-agent-browserCLI for all profile and browser automation tasks. It also includes alocal_browser_evaltool that allows the execution of arbitrary JavaScript within the active browser session for page inspection purposes. - [EXTERNAL_DOWNLOADS]: Documentation directs the user to install the
gologin-local-agent-browser-clipackage from NPM and provides links to the vendor's official GitHub repository (GologinLabs/gologin-local-agent-browser). These resources are provided by the skill's developer for its core functionality. - [DATA_EXFILTRATION]: The skill provides tools for exporting browser cookies (
local_browser_cookies) and local/session storage (local_browser_storage). These features are intended to support persistence and profile handoffs in multi-account management workflows. - [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted web content, creating a surface for indirect prompt injection.
- Ingestion points: The
local_browser_snapshottool (referenced in SKILL.md and tools.md) captures the DOM of external web pages and provides it to the agent. - Boundary markers: The instructions do not specify the use of delimiters or specific markers to differentiate between user instructions and data retrieved from web pages.
- Capability inventory: The skill enables powerful actions such as clicking, typing, and executing JavaScript (eval) based on the state of the ingested page content (tools.md).
- Sanitization: There is no mention of sanitization or filtering applied to the web content before it is processed by the agent.
Audit Metadata