docyrus-e2e-browser-testing

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to authenticate, configure environments, and control the browser through the Docyrus CLI (e.g., docyrus auth who, docyrus browser nav). These actions are part of the intended testing workflow.\n- [EXTERNAL_DOWNLOADS]: Recommends the installation of the @docyrus/devtools package from npm to enable advanced browser-based error tracking and diagnostics.\n- [PROMPT_INJECTION]: The skill interacts with dynamic content in a web browser, which constitutes a surface for indirect prompt injection.\n
  • Ingestion points: Browser data is ingested through docyrus browser snapshot, docyrus browser console, and docyrus browser devtools (SKILL.md).\n
  • Boundary markers: No specific boundary markers or instructions to ignore embedded content are defined.\n
  • Capability inventory: The agent can execute shell commands and control the browser session based on its interpretation of the page state.\n
  • Sanitization: No data sanitization or validation processes are mentioned for information retrieved from the browser.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 07:24 PM
Security Audit — agent-trust-hub — docyrus-e2e-browser-testing