browse
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: During the initial setup, the skill fetches the Bun installer from https://bun.sh/install. This download is performed using curl and is followed by a sha256sum verification against a hardcoded checksum before execution, ensuring the integrity of the downloaded tool.
- [COMMAND_EXECUTION]: The skill executes various system commands for environment setup, configuration management, and the lifecycle of the headless Chromium browser. These operations are restricted to the agent's working directories and include safeguards like environment variable scrubbing for spawned sub-processes.
- [SAFE]: The skill demonstrates extensive security hardening, including a deny-default allowlist for Chrome DevTools Protocol (CDP) methods, rigorous path validation to prevent traversal attacks, and protection against SSRF by blocking access to cloud metadata endpoints. It also includes comprehensive privacy filtering to redact sensitive information like passwords and tokens from activity streams and logs.
Audit Metadata