agent-loop-browser
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow navigates to arbitrary URLs (e.g., PR/preview pages) and then takes a “text snapshot”/page source via
chrome-devtools.take_snapshot(orbrowse goto), which can ingest outsider-authored free text from public web pages into the agent’s LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata