stably-verify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and README explicitly state that the AI agent "navigates your app in a real browser" and accepts an arbitrary starting URL via --url <url> (or auto-detects a URL), meaning it will fetch and interpret third-party web content as part of its verification workflow and that content can influence the agent's actions and PASS/FAIL decisions.