Skills
skills/factory-ai/factory-plugins/agent-browser/Snyk

agent-browser

Warn

Audited by Snyk on Apr 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's core workflow explicitly opens arbitrary URLs with "agent-browser open " and then uses snapshot, get text/get html, and eval to read and act on page content, so untrusted public web pages can materially influence subsequent clicks/commands.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 23, 2026, 09:55 PM
Issues
1