browserbase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs creating Browserbase browser sessions for Playwright/Puppeteer automation and retrieving live debug URLs, page lists, session recordings and downloads (see "Create a Session", "Get Debug/Live URLs", "pages", and "Get Session Recording"), which means the agent will load and read arbitrary third‑party webpages and their content that could influence subsequent actions.