Skills
skills/team2027/skills/cookie-sync/Gen Agent Trust Hub

cookie-sync

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script uses child_process.execSync to run browser version checks (e.g., chrome --version). This is performed to verify that the local browser environment supports the remote debugging protocols required for cookie extraction.
  • [DATA_EXFILTRATION]: The skill retrieves session cookies from a local browser profile via the Chrome DevTools Protocol (CDP). These cookies are transmitted to the Browserbase platform (browserbase.com) to synchronize authenticated sessions with a remote headless browser. This operation is the primary stated purpose of the skill and uses official SDKs to communicate with the service.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @browserbasehq/sdk and @browserbasehq/stagehand packages from the NPM registry. These dependencies are official libraries used to facilitate the connection between the local browser and the Browserbase cloud service.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:05 AM
Security Audit — agent-trust-hub — cookie-sync