browser-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly advertises web-scraping and "agentic browser control" (see the description and Capabilities: "web-scraping", "browser-automation"), indicating the skill is intended to fetch and act on open/public third-party web content that could influence agent decisions and enable indirect prompt injection.