browser-use-2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and helper script show it submits arbitrary plain-English tasks to https://api.browser-use.com/api/v2/tasks (examples: "Go to hacker news and get the top 3 stories", "Search Google for AI news"), which causes the cloud browser to fetch and ingest open/public, user-generated web content that the agent will read and act on.