browser-max-automation
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly automates browsing arbitrary web pages (e.g., browser_navigate(url) in SKILL.md and the direct CDP flow in references/instructions/cdp-direct-websocket.instructions.md which uses Runtime.evaluate and Page.captureScreenshot/document.body.innerText), so the agent will fetch and interpret untrusted third‑party webpage content that can drive subsequent clicks/navigation and decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata