aws-agentcore

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists a "Browser Tool" in AgentCore Components and the "Available Use Cases" include "Enterprise Web Intelligence — Browser tools for research" (with links to the public aws-labs samples repo), indicating the agent can fetch and interpret open/public web content that could contain untrusted, user-generated instructions.