agentcore-browser

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: Browser Automation Capability. The skill provides a set of tools for navigating web pages, interacting with elements, and taking screenshots. It correctly identifies the requirement for specific infrastructure configuration (enable_browser=true). Browser sessions are managed via a local file system endpoint (/tmp/agentcore-browser-session.json), ensuring isolation. Interaction tools (click, type, wait, scroll) are restricted to valid actions and use standard Playwright APIs. Screenshots are uploaded to a user-specific S3 bucket using environment variables and the official AWS SDK, preventing cross-user data access. The navigation tool sanitizes page content by removing potentially dangerous or noisy tags (script, style, noscript, iframe) before returning text content to the agent. No evidence of data exfiltration, credential theft, or unauthorized command execution was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 06:31 PM
Security Audit — agent-trust-hub — agentcore-browser