agent-browser-troubleshooting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This SKILL.md explicitly instructs the agent to open and interact with arbitrary external webpages and APIs (e.g., "agent-browser open 'https://target-site.com'", "agent-browser snapshot", "agent-browser eval 'fetch(...)'", and "agent-browser network requests"), meaning it will fetch and interpret untrusted public web content that could carry indirect prompt-injection instructions.