grabbit
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to open arbitrary URLs and capture web pages (e.g., "grabbit browse --session open " and subsequent snapshots/HAR captures) and to use strings seen on those pages when generating workflows, which clearly ingests untrusted public third-party content that could contain indirect prompt injections.
Audit Metadata