browser-harness
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by generating Python scripts and piping them directly into a command-line utility (
browser-harness) for execution. This is the core architectural design for the harness. - [DATA_EXFILTRATION]: The skill documentation includes explicit instructions for agents to identify and report technical site details, such as private API patterns and stable CSS selectors, to a shared repository. It also provides built-in functions for synchronizing browser profile data (including session cookies) to cloud environments.
- [REMOTE_CODE_EXECUTION]: The harness exposes a
js()helper function that allows the agent to execute arbitrary JavaScript code within the context of the active browser tab for inspection and interaction.
Audit Metadata