test-site

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly navigates to and crawls a user-supplied or auto-detected SITE_URL (see Phase 2.2 Navigate to SITE_URL and Phase 4 browser_evaluate link extraction), ingesting arbitrary public site content and using that content to decide authentication flows, crawling actions, and API tests.