baoyu-danger-gemini-web

Fail

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: HIGH (COMMAND_EXECUTION, CREDENTIALS_UNSAFE)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses node:child_process to spawn web browsers including Google Chrome, Microsoft Edge, and Chromium with the --remote-debugging-port flag enabled to programmatically control the browser via the Chrome DevTools Protocol (CDP).
  • [COMMAND_EXECUTION]: In scripts/gemini-webapi/utils/paths.ts, the skill uses execSync to execute cmd.exe on WSL systems to retrieve the Windows user profile path.
  • [CREDENTIALS_UNSAFE]: The skill programmatically extracts highly sensitive session cookies (__Secure-1PSID and __Secure-1PSIDTS) from the user's browser profile to authenticate requests to Google services.
  • [CREDENTIALS_UNSAFE]: Extracted authentication cookies and session tokens are cached in plain text within a local JSON file (cookies.json) located in the application data directory.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 5, 2026, 01:06 PM