amazon-product-api-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts/amazon_product_api.py clearly call the BrowserAct API to crawl and extract product listings from Amazon search results (public third-party pages), so the agent ingests untrusted web content from Amazon via api.browseract.com and uses that extracted data as part of its workflow and decision-making.