Skills
skills/vibetechnologies/vibe-mcp/vibebrowser/Gen Agent Trust Hub

vibebrowser

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the @vibebrowser/mcp package from the npm registry using npx to provide the browser control interface.
  • [COMMAND_EXECUTION]: Executes shell commands to interact with the vibebrowser-cli, enabling tasks such as clicking elements, typing text, and retrieving tab metadata.
  • [PROMPT_INJECTION]: Presents a surface for indirect prompt injection as it processes untrusted data from the open web.
  • Ingestion points: External data enters the agent context via the snapshot and tabs commands, which extract HTML, ARIA trees, and page titles from user-visited websites.
  • Boundary markers: Absent; the instructions do not implement delimiters or safety warnings for the agent when processing retrieved web content.
  • Capability inventory: The skill allows for direct browser manipulation and arbitrary JavaScript execution in the user's active session via the evaluate command.
  • Sanitization: Absent; the skill passes raw web data to the agent without escaping or structural validation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 12:32 AM
Security Audit — agent-trust-hub — vibebrowser