observability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Debugging Workflow and command examples (e.g., "browser-devtools-cli $SESSION navigation go-to --url ...", plus --json o11y get-console-messages and get-http-requests) explicitly instruct the agent to navigate to arbitrary web URLs and read console/network output from those pages, which are untrusted third-party sources that can influence subsequent tool use and decisions.