kernel-typescript-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill’s examples and tools explicitly navigate to and scrape arbitrary public URLs (e.g., the "get-title" action which calls await page.goto(payload.url), the Stagehand and Magnitude examples using page.goto() and agent.extract()), so the agent will read and interpret untrusted third‑party web content.