DOM Capture Engine

The skill is internally consistent with a DOM-capture/screenshot library; the main risks are importing remote code (unpkg) and optional use of CORS proxies/plugins which could be misused for exfiltration if you pull untrusted code or proxies.

This skill appears coherent for taking DOM screenshots. Before installing or using it: 1) Prefer installing a pinned npm release (npm i @zumer/snapdom@<version>) rather than importing the latest bundle from unpkg to avoid unexpected remote code changes. 2) Be cautious about supplying or accepting arbitrary CORS proxy URLs (useProxy) or installing third‑party plugins — those could forward captured images or execute code you didn't intend. 3) If you run captures inside an automated browser (xbrowser.evaluate), treat returned data URLs as sensitive (they contain image data) and avoid sending them to untrusted endpoints. If you need higher assurance, inspect the published package contents (the npm package or a tagged GitHub release) and audit any plugins you install.