redfin-real-estate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's scraper (scripts/scraper.py) builds and loads live Redfin URLs (build_redfin_url -> driver.get(url)) and parses driver.page_source with BeautifulSoup, so it directly ingests public Redfin listing content (third‑party/untrusted) that the agent reads and displays, enabling potential indirect prompt injection.