browser-use-to-stagehand

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process user-provided Python scripts (untrusted input) and generate corresponding TypeScript code. This represents a potential surface for indirect prompt injection.
      • Ingestion points: Python source files provided by the user for migration (SKILL.md Step 1).
      • Boundary markers: Absent. The skill does not specify explicit markers or 'ignore previous instructions' warnings for the input scripts.
      • Capability inventory: The skill leverages filesystem tools (Read, Write, Edit) and shell access (Bash) to perform its migration tasks. The generated code is intended to run in a Node.js environment with network and browser access.
      • Sanitization: Present. The skill utilizes Zod schemas to ensure structured data extraction and validation of script components during the conversion process (SKILL.md Step 4).
  • [EXTERNAL_DOWNLOADS]: The skill references several external dependencies including @browserbasehq/stagehand, zod, dotenv, and tsx. These resources are either well-known open-source libraries or official tools provided by the vendor (Browserbase), and their use is consistent with the skill's stated purpose. Evidence: SKILL.md Output templates.
  • [COMMAND_EXECUTION]: The documentation provides standard setup and execution commands for the target environment, such as 'npm install' for dependency management and 'npx tsx' for running the migrated scripts. These are standard developer operations and do not represent a security risk. Evidence: EXAMPLES.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 25, 2026, 11:33 PM