Skills
NYC
skills/johnlindquist/claude-workshop-skills/chrome-devtools/Snyk

chrome-devtools

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill can navigate to arbitrary URLs (navigate_page / new_page) and then read and interpret untrusted page content via tools like evaluate_script, list_console_messages, list_network_requests, get_network_request, take_snapshot and take_screenshot, so it clearly ingests public/third‑party user-generated content that could carry indirect prompt injection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 08:55 PM