Skills
skills/openclaw/skills/next-browser/Gen Agent Trust Hub

next-browser

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a subagent feature that processes natural language instructions for browser automation.
  • Ingestion points: The task_description parameter in the /chat/tasks API endpoint is used to receive instructions for the subagent.
  • Boundary markers: The documentation does not specify the use of delimiters or markers to separate user-provided data from system instructions.
  • Capability inventory: The subagent can perform high-impact actions such as account authentication, browsing, and posting content on platforms like Reddit.
  • Sanitization: No specific sanitization or validation routines for the task description are defined in the provided files.
  • Configuration guidelines recommend setting skip_plan_approval to true, which facilitates fully autonomous operation by omitting human-in-the-loop validation.
  • [EXTERNAL_DOWNLOADS]: The skill documentation describes interactions with app.nextbrowser.com. This is the official API domain for the service and is used for intended functionality.
  • [COMMAND_EXECUTION]: The documentation provides standard curl templates and openclaw config commands to assist users in setting up the API key and testing the integration. These commands are for administrative use and do not involve suspicious remote script execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 04:15 PM