Skills
skills/jh941213/my-cc-harness/e2e-agent-browser/Gen Agent Trust Hub

e2e-agent-browser

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the agent-browser CLI from the npm registry and handles browser binary acquisition via agent-browser setup. References source code and resources from Vercel Labs' official GitHub repository.
  • [COMMAND_EXECUTION]: Utilizes child_process.execSync within the runner.js template to execute CLI commands for test orchestration.
  • [REMOTE_CODE_EXECUTION]: Exposes the ability to execute arbitrary JavaScript within a browser context through the agent-browser eval command, which is a core feature for inspecting and interacting with web applications.
  • [PROMPT_INJECTION]: Features an indirect prompt injection surface as it processes external, untrusted web content into the agent's context.
  • Ingestion points: Web page accessibility trees and snapshots are ingested via the agent-browser snapshot command.
  • Boundary markers: Absent; there are no provided instructions to the agent to distinguish between its primary task and instructions that may be embedded in the target web page.
  • Capability inventory: Possesses significant browser control capabilities, including clicking elements, filling forms, and executing JavaScript within the page.
  • Sanitization: Absent; the skill does not specify any methods for filtering or sanitizing the content retrieved from external websites before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 04:21 PM