agent-browser
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
infshCLI tool and provides several shell script templates for automating common browser tasks like authenticated browsing and content capture. - [REMOTE_CODE_EXECUTION]: Provides an
executefunction for running JavaScript within the browser context, which is an expected and essential capability for the skill's purpose of advanced web automation. - [EXTERNAL_DOWNLOADS]: The skill references CLI installation instructions hosted on the vendor's official GitHub repository.
- [DATA_EXFILTRATION]: Includes functionality to extract web data including cookies, page text, and links, as well as capturing screenshots and video recordings for debugging and auditing.
- [PROMPT_INJECTION]: As the skill ingests content from external websites, it possesses an inherent surface for indirect prompt injection; this is mitigated by the use of a structured and compact element reference system (@e refs).
Audit Metadata