Skills
skills/wghust/stark-skills/chrome-tab-killer/Snyk

chrome-tab-killer

Warn

Audited by Snyk on Mar 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill programmatically fetches and parses the browser's open-tab metadata via CDP (curl http://127.0.0.1:9222/json/list plus optional Page.navigate/Runtime.evaluate of pages like chrome://discards/) and reads tab titles/URLs from arbitrary websites, and those untrusted third‑party page values are used by the agent's heuristics to decide which tabs to close.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 30, 2026, 02:19 AM
Issues
1