steel-browser

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary function is to generate and execute shell commands using the steel browser utility to perform web interactions, manage session states, and evaluate JavaScript within a browser context.
  • [EXTERNAL_DOWNLOADS]: Installation instructions provided in the README guide users to fetch the skill from the author's official GitHub repository (steel-dev/cli), which is a legitimate resource for the skill's components.
  • [COMMAND_EXECUTION]: The skill exposes an attack surface for indirect prompt injection because it processes external web content.
    • Ingestion points: The agent reads untrusted data from the web using open, snapshot, get, and find commands.
    • Boundary markers: The instructions do not explicitly mandate the use of delimiters or warnings to prevent the agent from following instructions embedded in web content.
    • Capability inventory: The skill has broad capabilities, including full browser control and the ability to execute arbitrary JavaScript via the eval command.
    • Sanitization: There is no documentation regarding the sanitization or validation of data retrieved from websites before it is used in downstream logic.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 1, 2026, 02:54 AM