page-prep
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). Yes:
scripts/overlay-db.jsfetches outsider-authored free text at runtime from public URLs (GitHub rawRules.jsonand EasyList hide rules), embeds it into the bundled script (buildBundle), and that bundle is then evaluated in the page viaplaywright-cli eval, so the LLM context can be influenced indirectly by untrusted fetched content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's runtime script scripts/overlay-db.js fetches external pattern databases from https://raw.githubusercontent.com/cavi-au/Consent-O-Matic/master/Rules.json and https://raw.githubusercontent.com/easylist/easylist/master/easylist_cookie/easylist_cookie_general_hide.txt and embeds their content into the injectable bundle which directly influences dismiss/hide recipes and therefore agent actions.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata