trigger-dev-tasks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's config.md explicitly documents using Playwright/Puppeteer for "Web Scraping" (and includes scraping-related files like selectors.json and proxies.txt), which indicates the agent's workflows can fetch and ingest arbitrary public web content (untrusted user-generated sites) that the agent is expected to read/interpret.