browser-plus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill autonomously navigates to and snapshots live web pages (see nativeBrowser.navigate/nativeBrowser.snapshot in scripts/adapters/native-browser.js and index.js's detectAndRoute, plus the scripts/composite/tweet.js flow that loads https://twitter.com/compose/tweet), then parses those untrusted page snapshots to decide adapter selection and drive typing/click/submit actions, so arbitrary third-party page content can materially influence its behavior.