codebolt-agent-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly lists the Core API "codebolt.browser" methods (goToPage, getMarkdown) and documents the ResponseExecutor/MCP tool execution flow that feeds tool results back into the agent loop, which shows the agent can fetch and interpret arbitrary public web pages (untrusted third‑party content) and use those results to drive subsequent tool calls and decisions.