composio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs creating Browserbase sessions and using Playwright to navigate arbitrary web pages and scrape page.content() (Browserbase — Hybrid Workflow / Full Example Script) and also shows fetching Gmail and Twitter content, so the agent will ingest untrusted user-generated/public web/social content that can influence subsequent actions.

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)