tinyfish

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and scrapes arbitrary public webpages and search results (references/search-and-fetch.md: tinyfish fetch content get and tinyfish search query) and runs browser automation against user-supplied URLs (references/agent-run.md and references/browser-session.md: tinyfish agent run --url and browser session create), so untrusted, user-generated third‑party content from the open web is read/interpreted and can materially influence agent actions.