Skills
skills/yonatangross/orchestkit/browser-tools/Gen Agent Trust Hub

browser-tools

Warn

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill introduces a skills get command that allows the agent to fetch and install third-party capability packs from remote sources. It also includes an upgrade command for self-updating via package managers like npm or Homebrew.
  • [COMMAND_EXECUTION]: The tool relies on a wide array of shell commands executed through the agent-browser binary, including batch processing of commands from standard input and the ability to execute arbitrary JavaScript using eval.
  • [DATA_EXFILTRATION]: Several capabilities present risks of sensitive data exposure. The clipboard read command can access the host system's clipboard contents. The network har command captures full network logs which often contain authentication tokens. Additionally, the inspect command opens a local proxy for DevTools, which increases the network attack surface.
  • [REMOTE_CODE_EXECUTION]: The skills get functionality acts as a vector for remote code execution by allowing the dynamic download and loading of external code modules or capability packs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 2, 2026, 11:07 AM