ask-opencli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly runs opencli against third-party sites (grok.com and gemini.google.com) via the user's logged-in browser and requires capturing and using the raw responses ("Commands" and "Execution protocol" / "Artifact requirement" in SKILL.md), so the agent ingests untrusted web/AI-produced content that can materially influence subsequent actions.