Skills
skills/mukul975/anthropic-cybersecurity-skills/extracting-browser-history-artifacts/Gen Agent Trust Hub

extracting-browser-history-artifacts

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive user data from browser profiles, including history, cookies, and login metadata.
  • [EXTERNAL_DOWNLOADS]: Documentation suggests installing the 'pyhindsight' tool for advanced analysis.
  • [COMMAND_EXECUTION]: The workflow includes shell commands for mounting images and copying sensitive files from local directories.
  • [PROMPT_INJECTION]: There is a risk of indirect prompt injection from untrusted web data processed by the skill. 1. Ingestion points: Browser history databases (History, places.sqlite). 2. Boundary markers: None. 3. Capability inventory: Reads local databases and generates CSV files. 4. Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 01:52 PM