symfony

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation explicitly shows runtime fetching and parsing of public websites and manifests (e.g., "External HTTP Requests" in references/browser-kit.md with HttpBrowser requesting https://github.com and the JsonManifestVersionStrategy remote manifest example in references/asset.md), which requires the agent to read and act on untrusted third‑party content and could therefore allow indirect prompt injection.