Skills
skills/ruvnet/ruflo/browser-test/Gen Agent Trust Hub

browser-test

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to navigate to external URLs and ingest data from those pages.
  • Ingestion points: Content retrieved from external websites via mcp__claude-flow__browser_open and mcp__claude-flow__browser_get-text.
  • Boundary markers: Absent; there are no instructions to the agent to disregard or delimit content found on the web pages.
  • Capability inventory: The agent has access to mcp__claude-flow__browser_eval for JavaScript execution and Bash for shell access.
  • Sanitization: No sanitization or validation of external content is performed before processing.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes the mcp__claude-flow__browser_eval tool, which allows the execution of dynamic JavaScript code within the browser context. While standard for automated testing, this facilitates the execution of arbitrary code logic which could be influenced by the content of the pages being tested.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 10:49 PM