browser-verification
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses shell commands like lsof and git diff to detect environment states and code changes. These are standard operations for a local development agent.- [COMMAND_EXECUTION] (LOW): It can trigger npm scripts such as 'npm run dev' to start local development servers. While this invokes local code execution, it is explicitly requested by the user's configuration and is part of the tool's core functionality.- [PROMPT_INJECTION] (LOW): The skill is potentially vulnerable to indirect prompt injection because it analyzes the content of local web pages which could contain malicious instructions. Evidence: (1) Ingestion points: browser snapshots and screenshots in references/verification-flow.md. (2) Boundary markers: No explicit sanitization or delimiters for page content analysis are defined. (3) Capability inventory: Command execution and browser interaction tools. (4) Sanitization: No content filtering is applied prior to analysis.
Audit Metadata