functions
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Employs the official
browseCLI for core development tasks including project initialization, local testing, and cloud publishing. These operations are consistent with the platform's documented usage. - [EXTERNAL_DOWNLOADS]: Dependencies are managed through standard package managers, pulling official SDKs such as
@browserbasehq/sdk-functionsandplaywright-corefrom established registries. - [PROMPT_INJECTION]: As the skill involves automated browser interactions with external websites, it possesses an attack surface for indirect prompt injection.
- Ingestion points: External data enters the agent context via browser navigation and content extraction commands in
SKILL.mdandREFERENCE.md. - Boundary markers: Code examples do not demonstrate the use of delimiters to isolate untrusted web content from the agent's instructions.
- Capability inventory: The skill provides tools for browser control and cloud deployment, which includes network access.
- Sanitization: Standard browser automation workflows are described without explicit prompt-level sanitization for ingested content.
Audit Metadata