scraper-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Mode 1 "Agent-Browser Analysis" (references/agent-browser-workflow.md and the SKILL.md agent-browser examples) instructs the agent to open arbitrary public URLs and ingest interactive accessibility-tree snapshots (agent-browser snapshot JSON) from target sites, which are untrusted third‑party webpages that the agent is expected to read and interpret to discover selectors and generate PageObject code.