cdp-bridge-mcp-browser-control

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill exposes and returns authentication secrets (cookies/session values via browser_cookies and Network.getCookies), so the LLM would receive and potentially be required to include those secret values verbatim, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly describes tools like browser_scan and browser_execute_js that extract and interpret HTML/text from arbitrary connected browser tabs (see "Scan Page Content" and "Extract Article Content from Logged-In Site"), which means the agent ingests untrusted public web content that can materially influence follow-up actions.