normies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Agent Prompt Template and workflow explicitly instruct agents to use browser MCP tools to visit and navigate the provided site URL (e.g., "If browser MCP tools are available, use them to visit the site at [URL]" and "Navigate to [URL]"), which requires fetching and interpreting arbitrary public web content that can be user-generated and could influence the agent's actions and decisions.