browser-testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes examples that place passwords/credentials directly in CLI --value arguments (e.g., "SecurePass123") and would require the agent to embed user-provided secrets verbatim into generated commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to navigate to arbitrary URLs (navigation go-to --url) and to read page content (content get-as-text, get-as-html, take-screenshot) from tested web pages, meaning it fetches and interprets untrusted public web content as part of its workflow (e.g., "Basic Testing Workflow" and the Navigation/Content Capture sections).