browser-use

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples that pass API keys and passwords as literal command arguments (e.g., "browser-use cloud login " and chaining input of "password", cookies set ), which would require the LLM to include secret values verbatim in generated commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to arbitrary public URLs with commands like "browser-use open " and then reads and acts on page content via "browser-use state", "browser-use get html/get text", and "browser-use eval", so untrusted third-party web pages or user-generated content can directly influence subsequent interactions and actions.