vite-browser-network-regression
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: Extensive analysis of the skill's instructions and commands reveals no malicious intent, obfuscation, or unauthorized data access. The behavior is entirely consistent with its stated purpose as a developer utility.
- [COMMAND_EXECUTION]: The skill uses the
vite-browserCLI tool to perform browser-based diagnostics. This includes subcommands likenetworkto inspect API traffic,screenshotfor visual validation, andevalto probe the application's runtime state. These operations are restricted to the local development/debugging environment. - [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection risks, as it processes external network data.
- Ingestion points: External network responses and console logs are ingested via
vite-browser networkandvite-browser logs(SKILL.md). - Boundary markers: Absent; the agent is not explicitly instructed to ignore instructions within the network responses.
- Capability inventory: The agent has the ability to navigate the browser (
vite-browser open) and execute JavaScript state probes (vite-browser eval). - Sanitization: No explicit sanitization of the response body is performed before analysis.
- Note: This surface is considered a functional requirement for the skill's primary purpose of network debugging and does not escalate the security verdict.
Audit Metadata