browserhub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports running Browserhub scrapers and retrieving run details/execution events via the "Create Run" and "Get Run" actions (see "Popular actions") and allows proxying requests to the Browserhub API (see "Proxy requests"), which means the agent can ingest scraped content from arbitrary public websites (untrusted third-party sources) that could materially influence subsequent actions.