agent-browser
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the 'agent-browser' NPM package and additional browser binaries during setup.
- [COMMAND_EXECUTION]: Relies on shell commands to control browser sessions and page interactions.
- [DATA_EXFILTRATION]: Provides mechanisms to save and load sensitive browser state (cookies and local storage) to 'auth.json' and capture screenshots of page data.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it ingests and processes untrusted content from web pages.
- Ingestion points: Page snapshots and text extraction.
- Boundary markers: None identified.
- Capability inventory: Includes form submission, state management, and file operations.
- Sanitization: No evidence of content filtering or instruction scrubbing is implemented for page data.
Audit Metadata