BrowserBridge
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands like
catandpowershellto read results and logs from hardcoded absolute file paths on the local disk (C:\RI Services\BrowserBridge\). - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from the browser (DOM and console logs). Malicious web pages could contain instructions designed to exploit the agent's capabilities, such as performing unauthorized browser actions or making network requests.
- [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of arbitrary JavaScript within the browser context. This power allows the agent to manipulate web content or interact with authenticated sessions, posing a risk if the agent is directed by malicious input or web content.
Audit Metadata