browser-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to navigate to and scrape arbitrary public websites (e.g., examples in README and Task Writing Guide: visiting https://www.reddit.com, https://news.ycombinator.com, extracting titles/URLs, and performing posts), so it clearly fetches and interprets untrusted third‑party content which can influence subsequent actions.