shopping-browser-automation

Fail

Audited by Socket on Feb 16, 2026

3 alerts found:

Obfuscated File x2, Security

Obfuscated File (HIGH)
scripts/run_browser_ops.py

This module intentionally executes arbitrary Python snippets locally (via eval/exec) and sends raw code to a local UNIX-socket server for execution. The file itself does not contain obfuscated or explicitly malicious code, but its behavior is inherently dangerous: it enables full arbitrary code execution and delegates execution to an unauthenticated local server, which can be abused for privilege escalation, data exfiltration, or persistence if inputs or the server are untrusted. Treat this module as high-risk in untrusted environments; enforce strict access controls, authentication for the socket, input validation, and consider replacing eval/exec with a safer execution approach.

Confidence: 98%
Obfuscated File (HIGH)
scripts/utils.py

The Python code itself is not overtly malicious, but it intentionally runs remote npm code at runtime (via npx @playwright/mcp@latest), forwards the host environment, and relays arbitrary inputs (including executable code) to that external process and the controlled browser. This constitutes a moderate-to-high supply-chain and runtime-execution risk: compromise of the npm package or misuse of run_code could lead to credential disclosure or arbitrary actions/exfiltration. Recommend pinning versions, limiting forwarded env vars, restricting run_code, validating inputs, and sandboxing the helper process before trusting this in sensitive environments.

Confidence: 98%
Security (MEDIUM)
scripts/browser_server.py

This module exposes a deliberate remote-code-execution capability via eval()/exec() on JSON 'command' payloads read from a Unix domain socket. If an attacker or untrusted local process can connect to /tmp/browser_server.sock they can execute arbitrary Python (including filesystem, network, or process control operations) with the server's privileges. The package does not contain obvious obfuscated malware or external C2 but is dangerously permissive and should not be used in untrusted environments. Mitigations: require authentication on the socket, restrict socket filesystem permissions, remove use of eval/exec or implement a safe command whitelist, and validate/limit commands. Treat this as a high security risk (RCE) rather than proven malware.

Confidence: 90%
Severity: 85%
Audit Metadata
Analyzed At: Feb 16, 2026, 03:20 AM
Package URL: pkg:socket/skills-sh/masslab-sii%2Fopen-agent-skills%2Fshopping-browser-automation%2F@99f78bc08af2a41e1a5d09a7cb26e9b228135fb8