docyrus-browser-cli
Fail
Audited by Snyk on Jun 24, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The CLI examples require embedding raw secrets in commands (e.g., using docyrus browser fill "password") and can output sensitive cookies/session tokens (docyrus browser cookies), so an agent following the skill would need to handle and potentially emit secret values verbatim.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required workflow can fetch and extract readable page content from an outsider-supplied URL via
docyrus browser nav <url>/docyrus browser content <url>, which the daemon then ingests through CDP and returns to the agent as prose/JSON (e.g., extracted markdown or page-derived text), enabling indirect prompt injection.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata