Skills
skills/adobe/helix-website/scrape-webpage/Snyk

scrape-webpage

Warn

Audited by Snyk on Feb 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's analyze-webpage.js explicitly loads and scrapes arbitrary public webpages (see the command: node .claude/skills/scrape-webpage/scripts/analyze-webpage.js "https://example.com/page") and saves/exposes the page HTML, metadata, and downloaded images (metadata.json html/images fields), meaning the agent will ingest and process untrusted third‑party web content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 12:15 AM