agent-browser
Warn
Audited by Snyk on May 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to arbitrary URLs and ingests page content (e.g., SKILL.md's core workflow "agent-browser open " plus "agent-browser snapshot -i" / "agent-browser get text" and templates/capture-workflow.sh which open a target URL and save page text), so untrusted public webpages can be read and used to drive subsequent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata