browser-test

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's required workflow explicitly opens arbitrary target URLs ("Open page — call mcp__claude-flow__browser_open" in SKILL.md) and reads/interacts with page content via commands like browser_get-text and browser_eval, which means untrusted public web content could be ingested and influence agent actions.