feature-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Screenshot + overlay" workflow explicitly asks the user for a URL and uses Playwright to navigate to that page and capture a screenshot (Phase 5: "Style: Screenshot + overlay" — "Ask the user for the URL of the running app" / "Navigate to the relevant page with Playwright"), which means it can fetch and ingest arbitrary external web content provided at runtime that could influence subsequent image-generation actions.