browser-xterm-interaction
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill defines procedures for executing shell commands and multi-line scripts in web terminals using Playwright automation tools. This includes techniques for handling environment variables and command redirection, which are consistent with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill recommends using boundary markers (e.g., '===START===') to encapsulate terminal output. This is a security best practice to mitigate potential indirect prompt injection attacks where terminal output might be misinterpreted as agent instructions.
- [CREDENTIALS_UNSAFE]: The documentation uses generic placeholders like 'AKIAXXXX' and 'YYYY' for AWS credentials. These are standard illustrative values and do not represent a compromise of sensitive information.
Audit Metadata