use-instavm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's platform reference explicitly directs the agent to fetch and read external OpenAPI or live docs and to use browser automation to navigate arbitrary URLs (see references/platform.md "When to fetch OpenAPI or docs" and the "Browser automation" example), which ingests untrusted third‑party content that can change tool use and decisions.