browser-use
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform browser automation tasks using npx mcporter commands.
- [EXTERNAL_DOWNLOADS]: Use of npx to execute mcporter may result in the package being downloaded from the npm registry.
- [SAFE]: The skill interacts with external web content, which is a surface for indirect prompt injection. This risk is inherent to browser automation.
- Ingestion points: Web data is retrieved using take_snapshot and evaluate_script in SKILL.md.
- Boundary markers: None explicitly defined in the file.
- Capability inventory: The skill allows for navigation, element interaction (click/fill), and script evaluation.
- Sanitization: The skill contains clear instructions for the agent to avoid outputting sensitive data like tokens or passwords.
Audit Metadata