browser-extension-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill follows security best practices for browser extension development. It explicitly warns against requesting excessive permissions and using deprecated manifest versions in its validation logic (references/validations.md).
- [DYNAMIC_EXECUTION] (LOW): In references/sharp_edges.md, the skill describes a technique for script injection to access the 'MAIN' world (page context). While this is a sensitive operation, it is a standard extension development pattern for specific use cases, and the documentation correctly identifies it as a higher-risk approach compared to isolated worlds.
- [EXTERNAL_DOWNLOADS] (SAFE): The documentation suggests the use of webextension-polyfill, which is a widely trusted and standard library maintained by the community for cross-browser compatibility. No untrusted or malicious download sources were identified.
Audit Metadata