k8s-browser

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains explicit examples embedding API keys and bearer tokens in headers and env exports (e.g., Authorization: "Bearer token123", BROWSERBASE_API_KEY=bb_..., and plaintext passwords), which instruct the agent to include secret values verbatim in generated commands/code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill can open and interact with arbitrary web pages (e.g., browser_open(url="...") and examples using Grafana/ArgoCD) and can retrieve page content via browser_content()/browser_title(), so it clearly ingests untrusted third-party web content that could carry indirect prompt-injection payloads.