camofox-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly opens and navigates to arbitrary URLs and search engines (camofox open, navigate, search including reddit), extracts and evaluates page content (get-text, get-links, eval, download) and captures console/errors, so it actively ingests untrusted public web/user-generated content as part of its required workflow (see SKILL.md and references/command-reference.md).