gologin-local-agent-browser-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly opens and interacts with arbitrary external webpages (e.g., SKILL.md and workflows/profile-warmup.md / workflows/reddit-session-routine.md show commands like "open https://www.reddit.com" plus "snapshot" and ref-driven "click"/"type"/"find"), so untrusted, user-generated web content is ingested and directly drives subsequent agent actions.