agent-browser-with-camoufox
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation script and documentation utilize piped shell commands to install the uv package manager and the Rust toolchain. Evidence includes the use of curl | sh for astral.sh and rustup.rs URLs. These are official installation methods for well-known technology services and are documented neutrally.
- [EXTERNAL_DOWNLOADS]: The skill fetches the agent-browser source code from its public GitHub repository and uses standard package managers to install camoufox and its dependencies. This is required for the toolchain to function.
- [COMMAND_EXECUTION]: The install.sh script performs extensive environment setup and local code modification. It dynamically patches the agent-browser source files using Python and recompiles the tool using npm. This modification is the intended primary purpose of the skill.
Audit Metadata