Skills
skills/proffesor-for-testing/agentic-qe/qe-a11y-ally/Snyk

qe-a11y-ally

Warn

Audited by Snyk on Feb 27, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill autonomously fetches and crawls arbitrary public URLs (STEP 1: mcp__..._browser_navigate / page.goto(TARGET_URL) and crawlAndAudit), downloads and analyzes video content (STEP 7: curl download + ffmpeg frame extraction) and explicitly instructs the LLM to read/interpret page HTML and frame images to generate remediation and follow-up actions, so untrusted third‑party content can materially influence agent behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt explicitly instructs launching Chromium with flags that disable sandboxing (--no-sandbox, --disable-setuid-sandbox) and uses shell commands (npm install, curl, ffmpeg) that run arbitrary code, which encourages bypassing browser sandbox/security protections even though it does not request sudo, edit system files, or create users.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 27, 2026, 06:09 PM