browse-aeo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md Mode 1 steps like "browse goto " plus "browse schema/meta/headings/text") and Mode 2 SERP Analysis (navigating and snapshotting Google and Perplexity) explicitly fetch and read arbitrary public web pages and search results, which the agent interprets to produce scores and recommendations, exposing it to untrusted third‑party content that could carry indirect prompt injection.