computer-use-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Browser-Use Pattern explicitly navigates to and extracts page content (e.g., BrowserUseAgent.get_page_snapshot, page.text_content, and run_with_llm which navigates to URLs like "weather.com"), so the agent browses and ingests untrusted public web pages as part of its workflow, enabling indirect prompt injection.