skills/vm0-ai/vm0-skills/browserless/Snyk

browserless

Warn

Audited by Snyk on Apr 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly sends arbitrary public URLs to browserless endpoints (e.g., /scrape, /content, /function) and shows examples scraping sites like news.ycombinator.com, so untrusted, user-generated web content is fetched and ingested and can directly influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). The skill calls the Browserless runtime API (e.g. https://production-sfo.browserless.io/function?token=$BROWSERLESS_TOKEN) during execution to run user-supplied JavaScript on the remote service, so this external URL is a required runtime dependency that executes remote code.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 17, 2026, 04:43 PM

Issues

2