use-tinyfish

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's CLI explicitly runs browser automations against arbitrary public URLs (e.g., the Core Command "tinyfish agent run --url ''" and multiple usage examples), so it ingests and acts on untrusted third‑party web content which could contain instructions that influence agent behavior.