Skip to main content

photopea-embedded-editor

Enables embedding of Photopea in web applications, allowing for advanced image editing capabilities directly within the app.

Install this skill

or
69/100

Security score

The photopea-embedded-editor skill was audited on Jun 10, 2026 and we found 23 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 251

Template literal with variable interpolation in command context

SourceSKILL.md
251await pea.runScript(`app.open(${imageUrlLiteral}, null, true);`);
medium line 312

Template literal with variable interpolation in command context

SourceSKILL.md
312await pea.runScript(`
low line 198

Fetch to external URL

SourceSKILL.md
198const buf = await (await fetch("https://example.com/MyFont.otf")).arrayBuffer();
low line 203

Fetch to external URL

SourceSKILL.md
203await pea.loadAsset(await (await fetch("Nature.ABR")).arrayBuffer());
low line 206

Fetch to external URL

SourceSKILL.md
206await pea.loadAsset(await (await fetch("Gradients.GRD")).arrayBuffer());
low line 221

Fetch to external URL

SourceSKILL.md
221const buf = await (await fetch("https://my-assets.com/sticker.png")).arrayBuffer();
low line 35

External URL reference

SourceSKILL.md
35npm package: https://www.npmjs.com/package/photopea
low line 41

External URL reference

SourceSKILL.md
41<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/photopea.min.js"></script>
low line 80

External URL reference

SourceSKILL.md
80<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/photopea.min.js"></script>
low line 114

External URL reference

SourceSKILL.md
114await pea.openFromURL("https://example.com/design.psd", false);
low line 117

External URL reference

SourceSKILL.md
117await pea.openFromURL("https://example.com/overlay.png", true);
low line 198

External URL reference

SourceSKILL.md
198const buf = await (await fetch("https://example.com/MyFont.otf")).arrayBuffer();
low line 221

External URL reference

SourceSKILL.md
221const buf = await (await fetch("https://my-assets.com/sticker.png")).arrayBuffer();
low line 231

External URL reference

SourceSKILL.md
231"url": "https://my-plugin.example.com",
low line 232

External URL reference

SourceSKILL.md
232"icon": "===https://my-plugin.example.com/icon.png"
low line 288

External URL reference

SourceSKILL.md
288<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/photopea.min.js"></script>
low line 309

External URL reference

SourceSKILL.md
309await pea.openFromURL("https://example.com/card.psd", false);
low line 1313

External URL reference

SourceSKILL.md
1313app.open("https://example.com/watermark.png", null, true);
low line 1399

External URL reference

SourceSKILL.md
1399- npm: https://www.npmjs.com/package/photopea
low line 1400

External URL reference

SourceSKILL.md
1400- Photopea Live Messaging API: https://www.photopea.com/api/live
low line 1401

External URL reference

SourceSKILL.md
1401- Photopea Script reference: https://www.photopea.com/learn/scripts
low line 1402

External URL reference

SourceSKILL.md
1402- Photoshop JS Scripting reference (compatible): https://theiviaxx.github.io/photoshop-docs/Photoshop/index.html
low line 1403

External URL reference

SourceSKILL.md
1403- Plugin dev gists (addImageAndWait, getDocumentAsImage): https://gist.github.com/yikuansun/c0f1a602b4e9d4e344a41c4f49ded3bf
Scanned on Jun 10, 2026
View Security Dashboard
Installation guide →
GitHub Stars 39.2K
Rate this skill
Categorydevelopment
UpdatedJune 10, 2026
frontenddesignreactremotiondocxgitapitestingbackendfrontend-developerproduct-managerux-designerdevelopmentproductdesign
sickn33/antigravity-awesome-skills