safe-browser
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed as a builder guide for creating secure browser agents. It implements a 'safe_browser' tool that encapsulates a Playwright session and enforces a domain allowlist through Chrome DevTools Protocol (CDP) Fetch interception.
- [COMMAND_EXECUTION]: Contains instructions for standard local development tasks, including copying templates, installing dependencies via npm, and executing Node.js scripts for demonstration purposes.
- [EXTERNAL_DOWNLOADS]: Relies on official package registries and trusted libraries such as the Anthropic Claude Agent SDK and Microsoft Playwright for core functionality.
- [PROMPT_INJECTION]: The skill implements an architecture that mitigates indirect prompt injection by restricting the agent's browser access to a single, constrained tool and an explicit domain allowlist.
Audit Metadata