pbir-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow and references instruct the agent to fetch and render arbitrary external URLs (e.g., "pbir add image ... https://..." in references/add-image.md) and to publish reports and inspect them with browser automation (SKILL.md step 6 using chrome-mcp/devtools/playwright), which clearly ingests untrusted third‑party content that could influence agent actions.