electron
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to launch native desktop applications using shell commands with specific flags (e.g., --remote-debugging-port) to enable automation capabilities.
- [EXTERNAL_DOWNLOADS]: Mentions the use of 'npx agent-browser', which downloads and executes the tool from the npm registry at runtime.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by design, as it involves reading and processing data from external communication and productivity apps (Slack, Discord, VS Code) that may contain untrusted user content.
- Ingestion points: Data from Electron apps enters the agent context through 'agent-browser snapshot' and 'get text' commands.
- Boundary markers: None identified in the skill instructions.
- Capability inventory: The agent can interact with application UI elements (click, fill, keyboard) and has access to the Bash tool.
- Sanitization: No specific sanitization or filtering of the ingested app data is mentioned in the instructions.
Audit Metadata