agent-browser
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a set of browser automation tools. Analysis across the 10 threat categories found no malicious patterns, hardcoded credentials, or unauthorized system access.- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection as it is designed to ingest and process web content. Ingestion points: Web page snapshots, text, and HTML content extracted via 'agent-browser snapshot' and 'get text' (identified in 'SKILL.md' and 'templates/capture-workflow.sh'). Boundary markers: None identified in the skill's documentation. Capability inventory: Full browser control including page navigation, form interaction, file uploads, and cookie management (documented in 'SKILL.md'). Sanitization: No explicit sanitization of web-extracted content is described. While these factors create an attack surface, the behavior is intrinsic to the skill's primary purpose and no malicious intent was found.- [COMMAND_EXECUTION]: The skill includes an 'eval' command for executing JavaScript within the browser context. This is a standard feature for advanced web automation and testing and is considered safe within the context of this skill's intended use case.
Audit Metadata