Skills
skills/zephyrwang6/myskill/baoyu-danger-gemini-web/Gen Agent Trust Hub

baoyu-danger-gemini-web

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill uses the Chrome DevTools Protocol (CDP) to harvest sensitive Google session cookies (such as __Secure-1PSID and __Secure-1PSIDTS) from a browser instance and stores them in plain text within a local JSON file (cookies.json) for authentication.
  • [COMMAND_EXECUTION]: The application identifies and executes local browser binaries, including Google Chrome, Microsoft Edge, and Chromium, using child_process.spawn to automate the authentication process.
  • [DATA_EXFILTRATION]: Local files provided as vision input are uploaded to Google's content-push API endpoint (content-push.googleapis.com) to facilitate prompt processing.
  • [EXTERNAL_DOWNLOADS]: The skill fetches generated images from Google-controlled domains, specifically googleusercontent.com and lh3.googleusercontent.com, and saves them to the local filesystem.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 25, 2026, 03:08 PM