Skills
skills/maplecity1314/vite-browser/vite-browser-core-debug/Gen Agent Trust Hub

vite-browser-core-debug

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the vite-browser eval command to run arbitrary JavaScript scripts within the target browser environment. While this is a standard feature for debugging tools, it allows for dynamic execution of code that may be influenced by the agent's analysis of the page.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from external websites through commands like vite-browser logs, vite-browser errors, and vite-browser network. This creates a surface for indirect prompt injection where malicious content on a page could attempt to influence the agent's behavior.
  • Ingestion points: vite-browser logs, vite-browser errors, vite-browser network (all ingest data from the browser context).
  • Boundary markers: None identified; browser data is ingested directly into the agent's context.
  • Capability inventory: vite-browser eval, vite-browser open, vite-browser screenshot.
  • Sanitization: No explicit sanitization or validation of browser-sourced content is present in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 01:05 PM