obscura

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a set of tools for managing and testing the 'Obscura' headless browser. The helper scripts in the scripts/ directory perform standard operations such as starting a CDP server, verifying process state, and performing smoke tests against known websites.
  • [EXTERNAL_DOWNLOADS]: The documentation references an external project repository on GitHub (h4ckf0r0day/obscura) as the source of the tool's logic. No automated downloads or execution of remote scripts from untrusted sources are performed by the skill itself.
  • [COMMAND_EXECUTION]: The skill executes the obscura binary and common system utilities including lsof, kill, shasum, and curl. These executions are limited to administrative tasks (checking port availability, process cleanup, checksum validation) and functional testing.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests data from external websites (via fetch and scrape) without explicit sanitization or boundary markers. However, this is inherent to its primary purpose as a scraping tool, and no exploitation was observed in the skill's logic.
  • Ingestion points: External website content fetched via obscura fetch or obscura scrape (referenced in scripts/test_academic_sites.sh).
  • Boundary markers: Absent.
  • Capability inventory: Subprocess execution of the obscura binary and curl for network requests.
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:39 PM
Security Audit — agent-trust-hub — obscura