browser-use-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows an insecure pattern ("Include credentials in task") that embeds a plaintext email and password directly in the agent task, which would require the LLM to handle and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's example tasks explicitly instruct the Agent to browse and scrape public websites (e.g., news.ycombinator.com, YouTube, amazon.com, competitor.com) and extract user-generated/open-web content that the agent will read and interpret, which can enable indirect prompt injection.