agents-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly adds the Browser tool (see references/browser.md and the SKILL.md workflow mapping) and contains examples where the agent navigates, scrapes, and extracts data from arbitrary web pages (e.g., "scrape a website", GitHub example, Nova Act/Playwright flows), so it ingests untrusted third‑party web content that can directly influence tool use and next actions.