web-browser-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's automation workflows (e.g., Workflow 2 "Automated Research and Data Collection" using PyXA which executes tab.execute_javascript to read page content, and Workflow 4 "Web Scraping and Data Extraction" using Puppeteer/Playwright with page.goto and page.evaluate) explicitly fetch and extract data from public websites like scholar.google.com, arxiv.org, github.com and other arbitrary URLs, meaning the agent will read/interpret untrusted third‑party/user‑generated web content.