stealth-browser
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted web content, creating a surface for Indirect Prompt Injection where malicious instructions on a website could influence the agent's behavior.
  - Ingestion points: `wrapper.js` (`getContent()`, `getTitle()`).
  - Boundary markers: None (fetched content is returned directly without delimiters or safety warnings).
  - Capability inventory: `wrapper.js` (`evaluate()`, `screenshot()`, `launch()`).
  - Sanitization: None (content is not sanitized or escaped before being provided to the agent context).
- [COMMAND_EXECUTION]: The browser instance is launched with `--no-sandbox` and `--disable-web-security` flags in `wrapper.js`. These settings bypass standard browser security boundaries (like the sandbox and Same-Origin Policy) to facilitate scraping, which increases the risk if the browser visits a malicious site.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `puppeteer-extra` and `puppeteer-extra-plugin-stealth` Node.js packages. These are well-known technology libraries and are documented neutrally as they are standard dependencies for the skill's purpose.
Audit Metadata