d3k

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md's Fix Workflow and "Creating PRs" sections explicitly instruct using d3k agent-browser to open arbitrary public/production URLs (e.g., "d3k agent-browser --cdp open https://production-url.com/affected-page" and capture_before_after_screenshots), causing the agent to fetch and interact with untrusted third‑party web content that can influence subsequent actions.