qa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Browser QA workflow and the bin/screenshot.sh Playwright script explicitly navigate to and capture arbitrary URLs (web pages) and require the agent to read and evaluate page content as part of testing, exposing it to untrusted third‑party web content that could contain indirect prompt injections.