functions
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data which creates a surface for indirect prompt injection.
  - Ingestion points: User-provided inputs are accessed via the `context.params` object in the function code within `index.ts`.
  - Boundary markers: There are no explicit boundary markers or instructions to treat the parameters as untrusted data.
  - Capability inventory: The skill utilizes the Browserbase CLI (`bb`) and Playwright for browser automation, which involve network operations and potentially sensitive site interactions across all scripts.
  - Sanitization: The provided code snippets do not demonstrate sanitization or validation of the input parameters before they are used in browser actions.
- [EXTERNAL_DOWNLOADS]: Fetches and executes the official `@browserbasehq/sdk-functions` package from the npm registry using `pnpm dlx` for project initialization.
Audit Metadata