Skills
skills/gregpr07/browser-use/remote-browser/Gen Agent Trust Hub

remote-browser

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides browser-use python and browser-use eval commands which allow for the execution of arbitrary Python and JavaScript code within the agent's environment and browser context.
  • [DATA_EXFILTRATION]: The browser-use tunnel command facilitates the creation of Cloudflare tunnels, exposing local network services to the public internet.
  • [DATA_EXFILTRATION]: Includes functionality to export sensitive browser session cookies through the browser-use cookies export command.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Untrusted data enters the agent context through browser state and content extraction (SKILL.md). There are no explicit boundary markers or sanitization processes mentioned to prevent instructions within web pages from abusing the skill's capabilities, such as the Python execution or tunneling tools.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 20, 2026, 12:13 AM