Skills
NYC
skills/supercent-io/skills-template/agent-browser/Gen Agent Trust Hub

agent-browser

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (LOW): The skill is installed via npm and a custom install command from a trusted source (vercel-labs). Per [TRUST-SCOPE-RULE], the download risk is downgraded to LOW.
  • [Dynamic Execution] (LOW): The 'eval' command allows execution of arbitrary JavaScript within the browser context. This is a core feature of the skill's primary purpose for web automation, so the severity is downgraded from MEDIUM.
  • [Indirect Prompt Injection] (LOW): The skill provides a surface for indirect instructions from untrusted websites. Evidence: 1. Ingestion points: 'open' and 'snapshot' commands read content from URLs. 2. Boundary markers: No delimiters or ignore-instruction warnings are present. 3. Capability inventory: The skill has access to 'bash', 'eval', and file 'Write' tools. 4. Sanitization: External web content is not sanitized before being provided to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:11 PM