copy-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly uses the browser-use fetcher to load arbitrary public target URLs and intercept XHR/fetch responses (Phase 1 · Deep Analysis in SKILL.md and the Usage guide), then parses screenshots, computed styles, network JSON and API endpoints to drive site-analysis.md and code generation, so untrusted third‑party content can directly influence subsequent tool use and actions.