navigator
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill operates on untrusted web content which presents a surface for indirect prompt injection.
- Ingestion points: The skill reads web content through browser navigation and accessibility snapshots.
- Boundary markers: No explicit delimiters or instructions are used to separate ingested data from agent commands.
- Capability inventory: The skill can execute JavaScript in the browser, perform network requests, and write files to local storage.
- Sanitization: The skill implements mandatory schema validation for all extracted data before saving.
- [COMMAND_EXECUTION]: The skill utilizes playwright_evaluate and Chrome DevTools Protocol methods to execute JavaScript within the browser context for automation and data extraction tasks.
- [EXTERNAL_DOWNLOADS]: The skill uses the playwright Node.js package for browser control and interaction.
- [SAFE]: The skill adheres to security best practices including the use of environment variables for credentials and the creation of detailed audit logs and screenshots for every task.
Audit Metadata