extracting-browser-history-artifacts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads and interprets browser-sourced, user-generated third-party content (URLs, page titles, search/form history, localStorage entries, cookies, etc.) from local browser artifact files—see SKILL.md Steps 2–4 and the extract_* functions in scripts/agent.py (and Hindsight usage)—and uses that content to produce analysis and "suspicious findings", so untrusted web-origin content can materially influence decisions.