reversing-network

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to navigate to target websites and use browser_start_network_capture and browser_get_request_response to capture and inspect request/response bodies from public sites (e.g., browser_navigate + browser_get_request_response), and the agent then parses those untrusted responses to extract tokens/endpoints and drive HTTP requests, so third‑party content can materially influence behavior.