browser
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill runs a local browser automation workflow that navigates to arbitrary URLs and executes/evaluates page JavaScript (see nav.js, eval.js, pick.js which accept user-supplied URLs/expressions and return page-derived data), so it clearly ingests untrusted public web content that could carry indirect prompt-injection payloads.
Audit Metadata