browser-extension-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions were found that attempt to override AI safety filters or manipulate the agent's core instructions.
- Data Exposure & Exfiltration (SAFE): The skill uses local browser storage APIs for state management and contains no logic for sending data to external or untrusted domains.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The project templates do not include external package installations or remote script downloads; all code is self-contained.
- Dynamic Execution (SAFE): UI injection examples use static HTML templates, avoiding the risk of executing untrusted code via dynamic manipulation.
- Privilege Escalation (SAFE): The skill explicitly advises against requesting excessive permissions in its anti-patterns section, promoting secure development practices.
Audit Metadata