browser
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses the vendor's 'browse' CLI for its intended purpose. It specifically instructs against installing new packages or using external network tools, which reduces the attack surface.\n- [PROMPT_INJECTION]: The skill processes untrusted external content from websites, which is a standard surface for indirect prompt injection in browser automation.\n
- Ingestion points: Page content and accessibility trees via
browse snapshotas described in SKILL.md.\n - Boundary markers: None provided in the instructions to delimit untrusted content.\n
- Capability inventory: CLI execution of
browsefor actions like clicking and typing.\n - Sanitization: No sanitization is performed on the retrieved web content.
Audit Metadata