workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly opens and ingests arbitrary web pages (browser-pdf-generation: "targetUrl=") and automates dashboard/site scraping (browser-mediavine-csv.md) and spawns agents to research competitors including "user reviews summary" (parallel-research.md), which means it will read untrusted, user-generated public content that could contain indirect prompt injection.