skills/codeceptjs/skills/writing-codeceptjs-tests/Snyk

writing-codeceptjs-tests

Warn

Audited by Snyk on May 23, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). This skill explicitly opens real web pages via the MCP server and ingests untrusted page content (ARIA snapshots and page HTML) during the "7. Open a live session via MCP" and "8. Learn the page and pick locators" workflow to choose locators and next actions, so third-party page content can influence subsequent tool use.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 23, 2026, 11:09 AM

Issues

1

Security Audit — snyk — writing-codeceptjs-tests