agent-browser
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
agent-browserutility via the npm registry and executeagent-browser installto download a Chromium instance. - [COMMAND_EXECUTION]: The core functionality of the skill involves executing local shell commands to automate browser actions such as navigation, form filling, and data extraction.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from the web.
- Ingestion points: External web content enters the agent's context through
agent-browser snapshotandagent-browser get textcommands. - Boundary markers: None identified in the provided instructions.
- Capability inventory: The skill allows the agent to interact with arbitrary websites, click elements, and fill forms based on the results of the snapshots.
- Sanitization: No explicit sanitization or filtering of the web content is described before it is processed by the agent.
Audit Metadata