wuying-browser-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill spawns an automated browser and executes user-provided tasks that navigate and scrape arbitrary public websites (see SKILL.md examples like 京东, 新浪新闻, 微博) via scripts/browser-use.py's call to agent.browser.execute_task(args.task), so it ingests untrusted third‑party content that could carry indirect prompt injections.