wise-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to "Explore — inspect the live site with agent-browser" and shows agent-browser open/eval/click commands in references/guide.md and SKILL.md (and uses entry URLs and discovered_urls artifacts in guide.md and examples) — meaning the agent fetches and reads arbitrary public web pages whose content is untrusted and which directly drive selector logic, pagination, hooks, and next actions.