mercadolivre
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill uses the
browser-cookie3library inscripts/mercadolivre.pyto programmatically extract session cookies from various local web browsers, including Chrome, Firefox, Brave, Edge, and Opera. This provides the agent with access to the user's active login sessions. - [DATA_EXFILTRATION]: Extracted session cookies are stored locally in a file named
.cookies_cache.jsonwithin the skill's directory. The skill also includes a command to export these cookies to an arbitrary file path specified by the user. - [EXTERNAL_DOWNLOADS]: The skill's
requirements.txtspecifiesbrowser-cookie3, which is a dependency capable of accessing sensitive browser profile databases on the local file system. - [PROMPT_INJECTION]: The skill processes untrusted third-party data from Mercado Livre, creating a surface for indirect prompt injection.
- Ingestion points: Product titles, descriptions, variations, and user reviews are scraped from
mercadolivre.com.brin thescripts/mercadolivre.pyfile. - Boundary markers: The scraped content is not wrapped in protective delimiters or accompanied by instructions to ignore embedded commands.
- Capability inventory: The skill uses
CamoufoxandPlaywrightfor web automation and writes authentication data to the local file system. - Sanitization: There is no evidence of filtering or sanitizing the retrieved marketplace text to prevent potential instruction injection targeting the LLM.
Audit Metadata