setup-browser-cookies

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The skill embeds many explicit but out-of-scope operational instructions (telemetry/analytics, artifact sync that can publish to GitHub, automated edits/commits to CLAUDE.md, vendoring migration, config changes and prompts) that go far beyond "import browser cookies" and instruct the agent to alter project state or opt into data sharing, so it contains deceptive/out-of-scope instructions acting as a prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime setup path that downloads and executes a remote installer script via curl -fsSL "https://bun.sh/install" -o "$tmpfile" followed by bash "$tmpfile", which fetches and runs remote code during skill execution.