skills/openai/role-specific-plugins/url-to-code/Snyk

url-to-code

Warn

Audited by Snyk on Jun 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The workflow uses browser-order to open a user-supplied target URL and then captures the page’s visible content and DOM (text, links, assets) into the agent’s context, which is public/outsider-authored web content fetched at runtime.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 16, 2026, 06:13 AM

Issues

1

Security Audit — snyk — url-to-code