peach-e2e-run

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill connects to a local Chrome instance and explicitly lists and targets arbitrary page tabs (e.g., the "탭 확인" examples showing https://www.naver.com/ and eval commands like document.querySelector and location.href in the "결과 보고 + 디버깅" section), meaning the agent reads and acts on untrusted public web page DOM/content which can materially influence scenario execution.