browser-screenshot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to arbitrary, user-supplied public URLs (see scripts/screenshot.py using page.goto(url) and SKILL.md examples like "python scripts/screenshot.py https://example.com output.png") and uses page content (wait_for_selector, query_selector, element screenshots) to control its operations, so untrusted third-party webpage content can influence tool behavior.