cdp-ext-pilot
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill fetches remote binaries at runtime from https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json (and then downloads the listed chrome build) and then extracts and runs the downloaded Chrome binary, meaning remote code is fetched and executed during runtime.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata