Skills
skills/bighardperson/computer-science-skills-collection/browser-cash/Gen Agent Trust Hub

browser-cash

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection through its web navigation capabilities.
  • Ingestion points: External website content navigated to via Playwright or Puppeteer as described in SKILL.md examples.
  • Boundary markers: Absent; the skill does not specify delimiters or warnings to ignore instructions embedded in retrieved web pages.
  • Capability inventory: The skill uses the Bash tool and node -e to execute code, providing a mechanism for potential malicious instructions in web content to affect the environment.
  • Sanitization: No content sanitization or filtering logic is provided for the data processed from the browser sessions.
  • [COMMAND_EXECUTION]: Uses shell commands to manage configuration, interact with the Browser.cash REST API via curl, and execute JavaScript automation scripts using node -e.
  • [EXTERNAL_DOWNLOADS]: The setup process involves downloading and installing well-known automation libraries (playwright, puppeteer-core) from the official NPM registry.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 10:47 AM
Security Audit — agent-trust-hub — browser-cash