buse
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
x busecommand line tool to execute automated browser actions and interactive tasks based on user prompts. - [EXTERNAL_DOWNLOADS]: Includes instructions for the
x buse --installcommand, which downloads necessary external components such as the browser-use framework and the Chromium browser. - [PROMPT_INJECTION]: Features a vulnerability surface for indirect prompt injection when the agent interacts with untrusted external websites. (1) Ingestion points: The agent ingests data from any website it navigates to while performing tasks described in SKILL.md and SKILL.zh.md. (2) Boundary markers: There are no explicit delimiters or instructions defined to prevent the agent from obeying commands found within web content. (3) Capability inventory: The agent has the capability to navigate the web, interact with page elements, and capture screenshots. (4) Sanitization: The instructions do not describe any sanitization or validation of the data retrieved from the web before processing it.
Audit Metadata