nova-act
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill downloads the 'nova-act' package and associated browser tools from official, trusted sources (AWS GitHub repositories and Amazon domains).
- [SAFE]: Authentication guidance correctly advises against hardcoding credentials, recommending environment variables or AWS IAM roles for secure access.
- [SAFE]: The skill includes explicit security warnings regarding sensitive data exposure in screenshots and provides patterns for using Playwright's keyboard API to type passwords without sending them to the model.
- [SAFE]: Command execution is limited to the intended browser automation and deployment functionality. No malicious persistence, privilege escalation, or obfuscation was detected.
Audit Metadata