oxylabs-headless-browser
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill connects to
ubc.oxylabs.iousing the Chrome DevTools Protocol (CDP). This is the official domain for the Oxylabs headless browser service and is considered a legitimate vendor resource. - [CREDENTIALS_UNSAFE]: Documentation and code examples correctly instruct users to retrieve credentials from environment variables (
OXY_UNBLOCKER_USERNAME,OXY_UNBLOCKER_PASSWORD) rather than hardcoding them in scripts. - [COMMAND_EXECUTION]: The skill utilizes industry-standard automation libraries (Playwright and Puppeteer) to perform browser actions. All commands are consistent with the skill's stated purpose of web scraping and browser automation.
- [PROMPT_INJECTION]: The skill processes untrusted external data when the browser navigates to and extracts content from third-party websites.
- Ingestion points:
page.goto(),page.content(), andpage.$$eval()are used to fetch and process external web content. - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are included in the provided code templates.
- Capability inventory: The skill includes file-writing capabilities for generating screenshots (
page.screenshot) and PDF documents (page.pdf), as well as the ability to interact with web elements. - Sanitization: The examples do not demonstrate explicit sanitization of scraped content before potential downstream use.
- [SAFE]: No obfuscation, persistence mechanisms, privilege escalation attempts, or unauthorized remote code execution patterns were detected.
Audit Metadata