web-screenshot

Fail

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/capture_via_system_browser.sh is vulnerable to command injection via the URL parameter.
  • Evidence: On macOS, the script uses a heredoc to pass AppleScript to osascript, where the $URL variable is interpolated directly into a string: set newTab to make new tab with properties {URL:"$URL"}. A malicious URL could terminate the string and execute arbitrary AppleScript.
  • Evidence: On Windows, the script interpolates $URL into a PowerShell command string: powershell.exe -NoProfile -Command "Start-Process chrome '$URL'". An attacker could break out of the single quotes to execute arbitrary PowerShell commands.
  • [EXTERNAL_DOWNLOADS]: The skill requires and recommends the installation of several external dependencies to provide full functionality.
  • Evidence: SKILL.md provides instructions for installing shot-scraper, playwright, and tf-playwright-stealth via Python package managers.
  • Evidence: The skill documentation also mentions agent-browser, a Node.js package installed via npm. These tools are reputable but represent an external dependency chain managed outside the skill itself.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 22, 2026, 12:28 PM
Security Audit — agent-trust-hub — web-screenshot