agent-browser
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Browser Automation CLI]: The skill uses a tool called
agent-browserto perform web automation tasks. This involves executing shell commands to interact with a browser instance, which is a standard pattern for end-to-end testing and visual verification of web applications. - [Local Development Interaction]: The skill is designed to automatically trigger or provide guidance when local development servers (like Next.js or Vite) are detected. This is a common developer workflow meant to facilitate immediate testing and feedback during the development process.
- [JavaScript Execution]: Includes functionality to evaluate JavaScript within the browser context (
agent-browser eval). While this allows for arbitrary code execution inside the browser, it is a standard feature for advanced web scraping and testing where simple selectors are insufficient. It does not appear to execute code on the host system beyond the browser's sandbox. - [State Management]: Supports saving and loading browser state (e.g.,
auth.json). This is a legitimate feature for maintaining authentication sessions during testing, though users should ensure that sensitive state files are managed according to their own security policies.
Audit Metadata