playwright-browser-console-messages
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection risk through browser log ingestion.
- Ingestion points: The tool
browser_console_messagesretrieves console output from the active browser session, which can include content from untrusted third-party websites. - Boundary markers: The skill does not define markers to separate untrusted log data from agent instructions or provide warnings to ignore embedded commands.
- Capability inventory: The skill includes a file-writing capability via the
filenameargument, allowing data to be saved to the local filesystem. - Sanitization: No sanitization or escaping of the console log content is performed before it is presented to the agent or written to disk.
Audit Metadata