product-showcase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (see "Gather Input" App URL and the "Explore the App" steps in SKILL.md) requires the agent to visit and scrape a user-provided/public App URL via Chrome MCP or Playwright, ingesting arbitrary web content and extracting value/feature instructions that directly influence what the agent captures, writes, and does.