oss-video
Warn
Audited by Snyk on Mar 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) explicitly instructs using scripts/fetch-github-stats.sh to call the public GitHub API and to launch a Browser Agent / scripts/logo-url.sh to visit and scrape the project's homepage (HTML, icons, brand colors, copy), which the agent must read and use to determine logos, colors, metrics and scene content—exposing it to untrusted, user-controlled web content that can influence subsequent actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata