web-monitor-bot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and interprets arbitrary public websites provided as TARGET_URL (see SKILL.md instructions to "Set TARGET_URL" and assets/bot-template.js where page.goto(targetUrl) and selector checks/clicks are performed), and it uses scraped page content to drive actions (foundMatch → notifications, humanClick, screenshots), so untrusted third-party content can materially influence behavior.