skills/vm0-ai/vm0-skills/browserstack/Snyk

browserstack

Warn

Audited by Snyk on May 14, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to fetch session records, download session videos and logs, and generate screenshots of arbitrary URLs (see steps 5, 7, 12 and "Get Console / Network / Appium Logs"), which ingest untrusted/user-provided web content and logs from BrowserStack that could materially influence actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 14, 2026, 04:41 AM

Issues

1

Security Audit — snyk — browserstack