browser-devtools-cli
Fail
Audited by Snyk on Mar 10, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed plaintext credentials directly in CLI commands (e.g., --value "password123"). This instructs the agent to include secrets verbatim in generated commands and outputs, and is therefore high risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to arbitrary external URLs (see navigation go-to --url in SKILL.md/references/navigation.md) and ingests page content and DOM (content get-as-text/get-as-html, a11y snapshots, run js-in-browser) as part of its workflows, so untrusted public web pages can be read and used to drive subsequent tool actions.