printing-press
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
codex exec --yolowithinreferences/codex-delegation.mdto execute code generated by an external LLM (Codex). This allows for rapid implementation of CLI subcommands but introduces the risk of executing unverified, machine-generated code at runtime.\n- [DATA_EXFILTRATION]: Inreferences/browser-sniff-capture.md, the skill includes procedures to save active session cookies from the user's Chrome profile to a local file ($SESSION_STATE_FILE). This sensitive information is used to discover and authenticate against private API endpoints during the generation process.\n- [EXTERNAL_DOWNLOADS]: The skill automates the installation and version management of external tools likebrowser-use,agent-browser, and theprinting-pressbinary itself from various package registries and the author's GitHub repository. It correctly prompts for user consent before proceeding with these installations.\n- [REMOTE_CODE_EXECUTION]: The discovery phase usesbrowser-use evalandjavascript_toolto execute arbitrary JavaScript within a browser tab, allowing the agent to intercept fetch/XHR calls and capture API communication patterns.\n- [SAFE]: Thereferences/secret-protection.mdfile defines a robust security system that automatically redacts known API key formats (e.g., Stripe, GitHub, Slack), PII, and sensitive HTTP headers from all captured artifacts before they are archived or published.\n- [SAFE]: The skill references OpenAPI specifications from official and well-known repositories (e.g., Stripe, Twilio, DigitalOcean, GitHub) which are established and trusted sources for API documentation.
Audit Metadata