launch
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- UI Automation and CDP Connectivity: The skill enables interaction with VS Code by leveraging the Chrome DevTools Protocol (CDP). This allows the agent to connect to a local debugging port and perform actions within the application's renderer process.
- External Dependency Management: The instructions call for the installation of agent-browser via NPM. While this involves downloading external code, it is a recognized tool for browser-based automation and is required for the skill's functionality.
- Command Line Interactions: The skill provides shell commands to launch VS Code with specific flags, manage processes, and handle environment variables. These actions are standard for setting up development and automation environments.
- Dynamic JavaScript Execution: The use of agent-browser eval allows for the execution of custom scripts within the browser context. This is used here to identify UI elements and simulate user interactions that are not natively supported by basic CLI commands.
- Indirect Prompt Injection Surface: As the skill interacts with the VS Code UI, including chat panels and editors, there is a potential surface for indirect prompt injection if the agent processes untrusted content from these sources. This is a general consideration for any UI-driven automation agent.
Audit Metadata