robotframework-browser-skill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt contains literal plaintext password examples (e.g., "Fill input#password secret123") and shows embedding credential values directly into test code, which would encourage or require the LLM to output secrets verbatim if real credentials are used.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill instructs agents to open and interact with arbitrary web pages and external URLs (e.g., New Page ${URL}, Click external links, iframe src like payment.provider.com) and to read/ingest page content (Get Text, Get Page Source, Download, Evaluate JavaScript), which exposes the agent to untrusted third-party web content that could carry indirect prompt injections.