devops
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill includes browser-rendering and crawler examples that navigate arbitrary external URLs and scrape page content (e.g., references/browser-rendering.md and references/cloudflare-workers-advanced.md show page.goto('https://news.ycombinator.com') and page.goto(url) where url comes from request params or queue messages, and an AI-powered scraper that passes scraped HTML to an LLM), which clearly ingests untrusted third‑party/web content for the agent to read and interpret.
Audit Metadata