product-showcase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md "Explore the App" workflow explicitly instructs the agent to navigate and interact with the provided App URL (load pages, click nav items, capture screenshots, and extract features), meaning it fetches and interprets arbitrary third‑party web content that can influence its subsequent actions.