camofox-cli

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents 50 commands for the camofox CLI tool, enabling full control over browser automation from the terminal, including tab management, user interaction, and server-side operations.
  • [DATA_EXFILTRATION]: High-risk commands such as camofox cookie export and camofox auth save allow for the extraction of sensitive session cookies and the storage of authentication profiles.
  • [REMOTE_CODE_EXECUTION]: The camofox eval command facilitates the execution of arbitrary JavaScript within the browser context, and the camofox run command allows for the execution of sequential command scripts from local files.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface:
      • Ingestion points: get-text, get-url, get-links, and snapshot commands (SKILL.md) ingest content from external web pages.
      • Boundary markers: No delimiters or protective instructions are documented for processing ingested web content.
      • Capability inventory: High-privilege tools including type, click, eval, and cookie export are available to the agent.
      • Sanitization: No sanitization or validation of untrusted content is described before use in subsequent commands.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 12:32 AM