Scan Report
5 /100
agent-browser-zc
A fast Rust-based headless browser automation CLI with Node.js fallback that enables AI agents to navigate, click, type, and snapshot pages via structured commands.
Documentation-only skill wrapping a legitimate browser automation CLI with no executable code or suspicious behavior.
Safe to install
This skill is safe to use. No security concerns identified. The skill merely provides documentation for the agent-browser CLI tool.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No filesystem access in skill |
| Network | NONE | NONE | — | No network calls made by skill |
| Shell | WRITE | WRITE | ✓ Aligned | Bash(agent-browser:*) declared - standard for CLI wrapper |
| Environment | NONE | NONE | — | No environment variable access |
| Skill Invoke | NONE | NONE | — | No skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | Browser access is in the agent-browser CLI, not this wrapper |
| Database | NONE | NONE | — | No database access |
3 findings
Medium External URL 外部 URL
https://app.example.com/login SKILL.md:257 Medium External URL 外部 URL
https://app.example.com/dashboard SKILL.md:267 Info Email 邮箱地址
[email protected] SKILL.md:162 File Tree
3 files · 11.7 KB · 396 lines Markdown 2f · 391L
JSON 1f · 5L
├─
_meta.json
JSON
├─
CONTRIBUTING.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ No executable code - documentation only
✓ No obfuscation or hidden functionality
✓ No credential harvesting
✓ No data exfiltration
✓ No base64 or encoded commands
✓ Clear and comprehensive documentation
✓ Standard npm installation with pinned version
✓ No suspicious URLs or IPs