page-inspector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent (via PinchTab) to navigate to the provided TARGET_URL and evaluate the live page's DOM and computed styles (including filling forms if needed), which exposes it to untrusted public web content that will be read and used to produce reports influencing future actions.