obscura
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a set of tools for managing and testing the 'Obscura' headless browser. The helper scripts in the
scripts/directory perform standard operations such as starting a CDP server, verifying process state, and performing smoke tests against known websites. - [EXTERNAL_DOWNLOADS]: The documentation references an external project repository on GitHub (
h4ckf0r0day/obscura) as the source of the tool's logic. No automated downloads or execution of remote scripts from untrusted sources are performed by the skill itself. - [COMMAND_EXECUTION]: The skill executes the
obscurabinary and common system utilities includinglsof,kill,shasum, andcurl. These executions are limited to administrative tasks (checking port availability, process cleanup, checksum validation) and functional testing. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests data from external websites (via
fetchandscrape) without explicit sanitization or boundary markers. However, this is inherent to its primary purpose as a scraping tool, and no exploitation was observed in the skill's logic. - Ingestion points: External website content fetched via
obscura fetchorobscura scrape(referenced inscripts/test_academic_sites.sh). - Boundary markers: Absent.
- Capability inventory: Subprocess execution of the
obscurabinary andcurlfor network requests. - Sanitization: Absent.
Audit Metadata