skills/ecnu-icalk/autoskill/DOM Parser for Playwright Selector Generation/Snyk

DOM Parser for Playwright Selector Generation

Warn

Audited by Snyk on Mar 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires generating JavaScript to "parse and filter webpage HTML" (SKILL.md: "Generates JavaScript code to parse and filter webpage HTML"), which implies ingesting arbitrary public web pages (untrusted third-party content) that the agent will read to generate Playwright selectors and thus could influence subsequent tool actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 18, 2026, 01:36 PM

Issues

1

Security Audit — snyk — DOM Parser for Playwright Selector Generation