core-agent-browser
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of the
agent-browserCLI for automating browser interactions. The commands are limited to browser control (navigation, clicking, typing) and are consistent with the tool's intended use. - [PROMPT_INJECTION]: The skill operates on content retrieved from external websites, which presents a surface for indirect prompt injection. This is a known risk for any tool that processes untrusted external data, and the skill itself does not contain malicious instructions.
- [DATA_EXFILTRATION]: Commands for taking screenshots and reading element text are included for automation purposes. No patterns of sending sensitive local data to external endpoints were identified.
Audit Metadata