core-agent-browser

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of the agent-browser CLI for automating browser interactions. The commands are limited to browser control (navigation, clicking, typing) and are consistent with the tool's intended use.
  • [PROMPT_INJECTION]: The skill operates on content retrieved from external websites, which presents a surface for indirect prompt injection. This is a known risk for any tool that processes untrusted external data, and the skill itself does not contain malicious instructions.
  • [DATA_EXFILTRATION]: Commands for taking screenshots and reading element text are included for automation purposes. No patterns of sending sensitive local data to external endpoints were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 04:05 PM
Security Audit — agent-trust-hub — core-agent-browser