devops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's browser-rendering and advanced-worker examples (references/browser-rendering.md and references/cloudflare-workers-advanced.md) use Puppeteer to navigate to arbitrary public URLs (e.g., page.goto('https://news.ycombinator.com') and page.goto(message.body.url')) and then pass page.content() into an AI extractor, which clearly fetches and ingests untrusted, user-generated web content as part of the agent's workflow.