browserbase-cli
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute various commands for the Browserbase CLI (
browse), covering platform operations and local browser driving.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of thebrowseCLI from the npm registry and clones starter templates from official Browserbase repositories.\n- [REMOTE_CODE_EXECUTION]: The skill employsnpmfor global package installation andnpx(viabrowse skills install) to execute a remote installation script for agent skills.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when retrieval tools (fetch, search) ingest untrusted content from the web.\n - Ingestion points: Data is retrieved from external websites via
browse cloud fetchandbrowse cloud searchas described in SKILL.md and REFERENCE.md.\n - Boundary markers: Absent; there are no instructions to delineate or ignore potential commands within fetched content.\n
- Capability inventory: The skill has full Bash access and the ability to upload files and perform network operations via the CLI.\n
- Sanitization: No sanitization or filtering is applied to web content before it enters the agent's context.
Audit Metadata