browser-bridge

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This code intentionally implements backdoor-style remote browser control: the Chrome extension globally strips CSP, exposes debugger/CDP/cookies/management APIs and opens a persistent WebSocket link to a controller which can send arbitrary JS or CDP commands to execute in any tab, enumerate/exfiltrate cookies and tabs, manipulate other extensions, and copy cookies to the clipboard — capabilities that enable credential theft, data exfiltration and remote code execution in page contexts and are deliberately dangerous.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill autonomously navigates to and executes JS on arbitrary webpages and returns simplified HTML/transient text via commands like "navigate", "scan" and "exec" (see SKILL.md, scripts/browser.py and scripts/tmwd_bridge/simphtml.py), so it ingests untrusted public third-party content that the agent reads and can act upon.