browser-probe
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill performs its stated function without any malicious intent or security vulnerabilities. It is authored by a known vendor and contains no obfuscation or suspicious code.
- [COMMAND_EXECUTION]: External commands are executed using
execFileSyncwith argument arrays inscripts/browser-probe.js. This is a secure method that prevents shell command injection. - [EXTERNAL_DOWNLOADS]: The skill relies on
playwright-cli, a reputable tool. Instructions guide users to install it from the official NPM registry, which is a well-known service and a trusted source for development tools. - [SAFE]: Regarding indirect prompt injection, the skill ingests external data (page titles and headers) in
scripts/browser-probe.jsfor diagnostic purposes. This ingestion is bounded by regex filtering and structured report generation, which mitigates the risk of the data containing instructions that could override agent behavior.
Audit Metadata