lazyweb-design-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required "Web Research + Live Screenshot Capture (REQUIRED)" workflow and explicit commands (e.g., using the browse tool: $LB goto "https://…", $LB screenshot, and curl -sL "{imageUrl}" to save images) fetch and ingest content from public websites and Lazyweb results (desktop pageUrl / visionDescription), which the agent must read and use to form recommendations—exposing it to untrusted third-party content that can influence actions.