claude-bowser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow step 2 instructs the agent to navigate and interact with web pages using Chrome MCP tools (using your real Chrome/profile/extensions), which clearly fetches and ingests arbitrary public third‑party websites that could contain untrusted/user‑generated instructions.