web-browser
Fail
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The `scripts/start.js` file contains a feature enabled by the `--profile` flag that uses `rsync` to copy the user's entire Google Chrome profile directory (located at `~/Library/Application Support/Google/Chrome/`) to a local cache folder (`~/.cache/scraping`). This action exposes the user's active login sessions, cookies, and saved credentials to the skill's automation environment.
- [DATA_EXFILTRATION]: The `scripts/watch.js` script, which is automatically started by the browser initialization script, implements a persistent monitor that logs every network request (including URLs, methods, and metadata) and all console output to JSONL files on the local disk. This creates a detailed record of all browsing activity that may contain sensitive information.
- [COMMAND_EXECUTION]: The `scripts/eval.js` utility takes arbitrary strings provided as command-line arguments and executes them directly in the browser's JavaScript environment via the Chrome DevTools Protocol without any sanitization or validation.
- [COMMAND_EXECUTION]: The `scripts/start.js` script uses `execSync` and `spawn` to run system-level commands including `mkdir`, `rsync`, and `/usr/bin/open` to manipulate files and launch the browser with remote debugging capabilities.
Recommendations
- AI detected serious security threats
Audit Metadata