webapp-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core capabilities include "Navigate to URLs" and the prerequisites explicitly allow testing an "accessible URL" (not just localhost), and it reads and verifies page text, console logs, and network requests—meaning it can fetch and interpret arbitrary public web content which could be untrusted user-generated content.