computer-use-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The BrowserUseAgent (get_page_snapshot and run_with_llm) explicitly navigates to and ingests arbitrary public web pages (e.g., the usage example "Go to weather.com..." and the snapshot that includes URL/title/body/interactable elements) and sends that untrusted page content to the LLM to decide actions, which meets the criteria for indirect prompt injection risk.