kernel-computer-controls

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's "Common Pattern" shows use of kernel browsers playwright execute (e.g., await page.goto("https://...")) together with kernel browsers computer screenshot to capture arbitrary web pages, which means the agent can navigate to and ingest untrusted public web content (screenshots/visuals) from arbitrary URLs.