kuroco-frontend-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The AI Deployment workflow (references/ai-deployment.md) explicitly instructs the agent to call the browser MCP javascript_tool against third‑party Kuroco management URLs (e.g. https://{site_key}.g.kuroco-mng.app/direct/rcms_api/admin_api/?MODE=whoami, temp_upload_url, deploy) and to parse those JSON/URL responses to decide and perform follow-up actions (artifact upload and deploy), so untrusted third‑party responses are ingested and can materially influence subsequent tool use.