dev-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly describes navigating and scraping arbitrary websites (trigger phrases like "go to [url]", "scrape", "navigate websites"), so the skill fetches and interprets untrusted public web content from third-party URLs which can influence tool actions.