browser
Warn
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The
scripts/start.jsfile contains logic to copy the user's full Google Chrome profile—which contains cookies, login tokens, and browsing history—from its default location on macOS (~/Library/Application Support/Google/Chrome/) to a local cache directory (~/.cache/browser-tools). While intended to facilitate authenticated browsing, this duplicates highly sensitive data to a less protected location. - [COMMAND_EXECUTION]: The
scripts/eval.jstool accepts arbitrary string input from command-line arguments and executes it as code within the active browser tab usingnew AsyncFunction. This creates a vector for executing malicious scripts if the agent is manipulated into running untrusted JavaScript. - [COMMAND_EXECUTION]: Several scripts (
scripts/start.js,package.json) use system-level commands likeexecSyncandspawnto manage Chrome processes and modify file permissions (chmod +x). Specifically,start.jskills existing Chrome processes and usesrsyncto sync data, operating with the user's local privileges.
Audit Metadata