saccoai-swiss-compliance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly crawls and scrapes arbitrary target websites with "agent-browser" (Phase 1: "Crawl the target site with agent-browser") and reads site content and third-party scripts (privacy pages, cookie banners, script URLs) which the agent then uses to decide actions (generate pages, wrap scripts, and create the cookie-inventory.json), exposing it to untrusted public web content that could carry indirect prompt-injection.