electron
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution]: The skill executes shell commands to launch local desktop applications with the --remote-debugging-port flag enabled. This is the documented method for enabling automation via the Chrome DevTools Protocol and allows the agent-browser tool to interact with the application interface.
- [Indirect Prompt Injection Surface]: The skill processes data from external applications which may contain untrusted content.
- Ingestion points: Application data is ingested through commands like
agent-browser snapshotandagent-browser get textas described in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential commands found within the automated application's UI.
- Capability inventory: The skill possesses the capability to simulate user interactions such as clicking, typing, and capturing screenshots within any connected Electron application.
- Sanitization: The skill does not implement specific filtering or sanitization of the text retrieved from application snapshots before it is processed by the agent.
Audit Metadata