bridge-gemini

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's Subagent Mode and CLI reference explicitly describe spawning subagents when experimental.enableAgents is true in .gemini/settings.json, and they include a built-in "Browser" subagent for web automation via Chrome DevTools. The bridge can therefore browse open/public websites and ingest their content into agent workflows without per-step confirmation (see "Subagent Mode" in SKILL.md and "Built-in agents" / "Browser | Web automation via Chrome DevTools" in cli-reference.md).

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 04:21 PM
Issues: 1