Electron App Automation

Name: agent-browser/electron
Author: vercel-labs

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

This skill allows arbitrary Bash command execution and ex

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Electron App Automation: Automate any Electron desktop app using agent-browser. Electron apps are built on Chromium and expose a Chrome DevTools Protocol (CDP) port that agent-browser can connect to, enabling the same snapshot-interact workflow used for web pages.

Actually does

This skill uses Bash commands to launch Electron desktop applications (like Slack, VS Code, Discord) with a remote debugging port enabled. It then utilizes the `agent-browser` tool to connect to this local Chrome DevTools Protocol (CDP) port. Once connected, `agent-browser` can perform actions such as taking UI snapshots, clicking elements, filling forms, extracting text, managing tabs/webviews, and capturing screenshots of the Electron application's interface.

Threat Analysis

AI Agent Traps ↗Scanned 4/14/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namevercel-labs/agent-browser/electron

Registrygithub

Versiondb29d5feade8

PURLpkg:github/vercel-labs/agent-browser@db29d5feade8?skill=electron

Stars29,298

Installs16,800

Source

Repository ↗SKILL.md ↗

SHA-256d97a2bc221b5...

SHA-1231988cc5648...

MD50e18a29a7476...

TLSH61d164ea208a...

ssdeep192:iuJZf3k8...

Size6,727 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/vercel-labs/agent-browser/tree/main/skills/electron

16,800 installs

Claude CodeDocs

/plugin marketplace add vercel-labs/agent-browser

/plugin install electron@vercel-labs/agent-browser

Skills.shDocs

npx skills add https://github.com/vercel-labs/agent-browser --skill electron

Assessments (1)

AI Agent Traps ↗

Unrestricted Bash Command Executioncriticalcommand execution

The skill explicitly allows unrestricted Bash command execution, enabling the agent to run arbitrary commands on the host system with the user's privileges.

100% confidenceline 21

allowed-tools: Bash(agent-browser:*), Bash(npx agent-browser:*), open -a "Slack" --args --remote-debugging-port=9222

Sensitive Data Exfiltration via CDP Interactionhighdata exfiltration

The `agent-browser` tool can extract sensitive data, such as screenshots, text content, and full DOM snapshots, from any connected Electron application, including password managers or communication tools.

100% confidenceline 159

agent-browser screenshot app-state.png, agent-browser get text @e5, agent-browser snapshot --json > app-state.json

Dependencies (1)

agent-browser.claude-plugin/marketplace.jsonnot scanned

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/vercel-labs/agent-browser/electron.svg)](https://mondoo.com/ai-agent-security/skills/github/vercel-labs/agent-browser/electron)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/vercel-labs/agent-browser/electron"><img src="https://mondoo.com/ai-agent-security/api/badge/github/vercel-labs/agent-browser/electron.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/vercel-labs/agent-browser/electron.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow