Utilities

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Browser skill explicitly navigates to and fetches arbitrary URLs and page snapshots (see Browser/SKILL.md and Recipes/SummarizePage.md and FormFill.md) and its BrowserAgent/UIReviewer workflows read and interpret that third‑party page content to decide clicks/fills and next actions, which exposes the agent to untrusted public web content that could carry indirect prompt injection.