chrome-use

Fail

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and execute a shell script from a remote URL (https://raw.githubusercontent.com/leeguooooo/chrome-use/main/install.sh) by piping it directly to the shell (| sh). This allows for arbitrary code execution on the host machine during the installation process.
  • [EXTERNAL_DOWNLOADS]: The skill dynamically fetches additional workflow content and command references at runtime using chrome-use skills get core. This means the agent's behavior is guided by instructions hosted externally that are not included in the static analysis of the skill itself.
  • [COMMAND_EXECUTION]: The skill requires the use of shell commands (via Bash) to install the tool, manage its configuration, and perform browser automation tasks.
  • [INDIRECT_PROMPT_INJECTION]: Because the skill is designed for browser automation (interacting with websites, filling forms, and scraping data), it naturally ingests untrusted data from the web. This creates a risk where malicious content on a webpage could contain instructions that redirect the agent's behavior.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/leeguooooo/chrome-use/main/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 17, 2026, 06:50 PM
Security Audit — agent-trust-hub — chrome-use