browser-harness

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates by generating Python scripts and piping them directly into a command-line utility (browser-harness) for execution. This is the core architectural design for the harness.
  • [DATA_EXFILTRATION]: The skill documentation includes explicit instructions for agents to identify and report technical site details, such as private API patterns and stable CSS selectors, to a shared repository. It also provides built-in functions for synchronizing browser profile data (including session cookies) to cloud environments.
  • [REMOTE_CODE_EXECUTION]: The harness exposes a js() helper function that allows the agent to execute arbitrary JavaScript code within the context of the active browser tab for inspection and interaction.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:29 AM
Security Audit — agent-trust-hub — browser-harness