agent-loop-browser

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interacts with system-level utilities including mcporter and the browse CLI to manage browser sessions and navigate web pages.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of arbitrary JavaScript within the browser context via the chrome-devtools.evaluate_script tool. This is a standard and expected capability for browser automation tasks.
  • [DATA_EXFILTRATION]: While the skill communicates with external web domains, it does so as part of its primary function. There are no identified patterns involving the access or transmission of sensitive local files such as credentials or environment configurations.
  • [PROMPT_INJECTION]: As the skill ingests data from external URLs (e.g., GitHub or preview environments), it is exposed to potential indirect prompt injection attacks where malicious content on a webpage could attempt to influence the agent's behavior. This is an inherent surface risk for all browser-enabled tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:11 AM
Security Audit — agent-trust-hub — agent-loop-browser