agentcore
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [AWS Authentication Integration]: The skill utilizes standard AWS credential resolution patterns, including environment variables like
AWS_ACCESS_KEY_IDand theawsCLI. This is the expected and secure method for authenticating with AWS services when running cloud-hosted browsers. - [Restricted Command Execution]: The skill's capabilities are scoped to the
agent-browserutility through theallowed-toolsconfiguration. This limits the agent's actions to the specific browser automation tasks intended by the author. - [Web Content Processing Surface]: As a tool designed to interact with the live web, the skill processes external data which is a standard aspect of browser automation.
- Ingestion points: Untrusted data is ingested from external URLs via
agent-browser openandagent-browser snapshotoperations described inSKILL.md. - Boundary markers: No specific delimiters or "ignore instructions" markers are explicitly defined for the data retrieved from browser sessions.
- Capability inventory: The skill uses
agent-browserto perform interactions like clicking, filling forms, and taking screenshots as noted inSKILL.md. - Sanitization: The skill relies on the standard security boundaries provided by the cloud browser environment for content handling.
Audit Metadata