peach-e2e-browse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core workflow and required commands (SKILL.md and the referenced Flutter-웹앱-패턴.md) direct the agent to open arbitrary URLs and run eval/fetch on live pages (e.g., agent-browser open "https://대상URL", agent-browser eval "document.body.innerText...", and fetching/parsing /ui/main.dart.js to extract API methods), meaning it ingests untrusted public web content and uses that content to decide and execute follow-up actions.