webapp-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill includes browser automation that navigates to arbitrary "accessible URL"s (see "Navigate to URLs" and the prerequisite "a locally running web application (or accessible URL)" and examples using page.goto), so it can fetch and read untrusted third-party web content (pages, console logs, network requests) supplied at runtime.