langfuse-dashboard

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md workflows and scripts (e.g., mcp__playwright__browser_navigate to https://cloud.langfuse.com/project/... and scripts/dashboard_helpers.py) explicitly load, snapshot, and eval DOM content from the public Langfuse Cloud dashboard (trace pages, metrics), meaning the agent ingests untrusted third-party/user-generated content that can materially influence subsequent tool actions.