browser-login
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npxto download and execute the@claude-flow/clipackage at runtime. This is a vendor-owned tool used to interact with the AgentDB memory store for session persistence. - [COMMAND_EXECUTION]: Shell commands are utilized to perform memory storage operations and invoke security scanning tools.
- [DATA_EXFILTRATION]: The skill retrieves session cookies from the browser. It mitigates security risks by redacting credentials from log outputs and using AIDefence to scan and vault sensitive tokens into opaque handles before storage.
- [PROMPT_INJECTION]: The skill navigates to external URLs, creating a surface for indirect prompt injection from untrusted web content. Ingestion points: Browser interaction with user-supplied login URLs. Boundary markers: None explicitly defined for isolating external page content from instructions. Capability inventory: Includes shell command execution, file writing, and full browser automation. Sanitization: Employs the AIDefence tool to identify and vault sensitive data extracted from the browser context.
Audit Metadata