website-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly asks for a root URL and uses agent-browser to crawl and extract content from the target site's public pages (see "The user provides: the root URL" and the "Per-page crawl" / "Step 1: Pre-Scan" instructions), meaning it ingests untrusted third-party web content and uses that content to drive crawling decisions and downstream actions.