yoitao-jimeng-sessionid
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE] (MEDIUM): The skill is explicitly designed to extract the 'sessionid' authentication cookie from 'jimeng.jianying.com'. This token grants full access to the user's account. While this is the intended use case, it places highly sensitive data into the agent's memory context, which could be exfiltrated if the agent is compromised or tricked via prompt injection.
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes 'browser_run_code' to execute custom JavaScript in the browser context. While the included script is limited to cookie retrieval, the underlying tool allows for any arbitrary code execution on the target domain, representing a high-privilege capability.
- [EXTERNAL_DOWNLOADS] (LOW): The skill recommends installing '@playwright/mcp' via 'npx'. Since Playwright is maintained by Microsoft (a trusted organization), this finding is downgraded per trust rules, but remains a dependency on external code.
- [DATA_EXFILTRATION] (LOW): The workflow transfers a live session token from the browser to the agent. While the script does not send the data to an external URL, the agent now holds a credential that can be used for session hijacking if leaked in subsequent steps.
Audit Metadata