travel-concierge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly requires web scraping and (via agent-browser) browsing arbitrary public accommodation listings (Airbnb, Booking.com, VRBO, Expedia) when given user-supplied URLs, so the agent will fetch and interpret untrusted user-generated third‑party content as part of its workflow.