announce

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes arbitrary public URLs ("From URL (browser automation or fetch)" to extract page title, description, features, and screenshots), which exposes the agent to untrusted third-party web content that could carry indirect prompt injection.