browser-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly automates browsing and scraping of arbitrary web pages (e.g., page.goto(url), processUrl(url), page.evaluate, $$eval, MutationObserver/setupProgressiveExtraction) and extracts page content from public sites, so it consumes untrusted third‑party/user‑generated content as part of its workflow.