Skills
skills/team2027/skills/browserbase-cli/Gen Agent Trust Hub

browserbase-cli

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for the global installation of the browse CLI package using npm install -g browse.
  • [REMOTE_CODE_EXECUTION]: The command browse skills install initiates remote code execution by using npx to download and run installer scripts.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform platform operations, such as creating sessions and managing functions through the browse CLI.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by incorporating untrusted data from the web into the agent's context. \n
  • Ingestion points: Web content is ingested through the browse cloud fetch, browse cloud search, and browse get commands as described in SKILL.md and REFERENCE.md. \n
  • Boundary markers: There are no boundary markers or instructions to treat external content as untrusted data within the provided scripts or instructions. \n
  • Capability inventory: The skill allows for command execution via Bash, filesystem writes using --output flags, and network operations. \n
  • Sanitization: No sanitization or content filtering is specified for the data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:05 AM
Security Audit — agent-trust-hub — browserbase-cli