Skills
skills/grasseed/google-search-browser-use/gemini-research-browser-use/Gen Agent Trust Hub

gemini-research-browser-use

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill uses the pattern curl | python3 multiple times. This method downloads content from http://localhost:9222/json (typically the Chrome DevTools protocol) and executes it as code without any validation or sanitization.
  • Command Execution (HIGH): The use of shell pipes to feed unverified network data into a system interpreter is a high-risk behavior that bypasses security controls and can lead to full system compromise.
Recommendations
  • HIGH: Downloads and executes remote code from: http://localhost:9222/json - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 05:44 PM