visual-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to and captures arbitrary target URLs provided in the input (see "Phase 2: Navigation & State Setup" and the input contract field target_url/pages), so it fetches and processes untrusted public web content which could carry indirect prompt injections.