playwright-browser-network-requests
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The
browser_network_requeststool captures and returns full network logs, which often include sensitive information such as HTTP Authorization headers, session cookies, and POST body data. If the agent uses this tool during an authenticated browser session, it could inadvertently expose credentials or PII to the model context or log files. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external, potentially untrusted network requests.
- Ingestion points: The output of the
browser_network_requeststool inSKILL.mdcontains metadata and content from all resources loaded by the browser. - Boundary markers: Absent. The schema does not define any delimiters or instructions to treat the captured network data as untrusted, increasing the risk that the agent might follow instructions embedded in request headers or payloads.
- Capability inventory: The skill possesses file-writing capabilities via the
filenameargument in the tool schema defined inSKILL.md. - Sanitization: Absent. There is no evidence of validation or sanitization of the captured network data before it is returned to the agent or written to disk.
Audit Metadata