puppeteer-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill recommends installing puppeteer and related packages via npm. These are standard, reputable packages from the npm registry.
  • [COMMAND_EXECUTION] (LOW): The skill utilizes puppeteer.launch, which spawns a browser subprocess. It includes the --no-sandbox flag; while common for headless environments (like Docker), it disables critical browser security isolation and should be used with caution.
  • [Indirect Prompt Injection] (LOW): The skill's primary purpose is web scraping (page.goto, page.$eval). This creates a surface for Indirect Prompt Injection, where untrusted content from external websites could influence agent behavior.
    • Ingestion points: page.goto(), page.$eval(), and page.evaluate() methods in SKILL.md.
    • Boundary markers: None. The snippets do not demonstrate the use of delimiters or 'ignore' instructions for scraped content.
    • Capability inventory: The skill can launch browser processes (puppeteer.launch), execute arbitrary JavaScript in the page context (page.evaluate), and write files to the local system (page.screenshot, page.pdf).
    • Sanitization: No evidence of sanitization or validation of the scraped text before it is returned to the agent context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 04:56 PM