browser-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill navigates arbitrary public URLs and extracts page content (e.g., browser-use open , browser-use state, get html/get text, and agent tasks like browser-use run or extract), so it ingests untrusted public/user-generated web content that could enable indirect prompt injection.