Skills
skills/tabbit-browser/tabbit-devtools-skill/tabbit-devtools/Gen Agent Trust Hub

tabbit-devtools

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run_agent_browser_on_tabbit.py uses subprocess.run to execute the agent-browser tool. This is the primary mechanism for the skill to perform browser automation tasks as requested by the user.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to use npx to download and execute the agent-browser package from the npm registry if it is not already installed locally. This package is maintained by Vercel Labs, a well-known and reputable organization.
  • [DATA_EXPOSURE]: To facilitate the connection, the skill reads the DevToolsActivePort file from the user's application support directory (~/Library/Application Support/Tabbit/). This is necessary to discover the dynamically assigned WebSocket endpoint required for Chromium-based browser debugging.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 10:00 AM