devops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes browser-rendering examples that navigate to and scrape arbitrary public webpages (e.g., references/browser-rendering.md: page.goto('https://news.ycombinator.com') and page.goto(url) where url comes from request query params or queued message.body.url) and then pass the scraped HTML into an AI extractor, so it clearly ingests untrusted, user-provided third-party content for interpretation.