hosted-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Chrome extension explicitly extracts page DOM and React internals (and uses a screenshot tool) from arbitrary web pages the user visits, which means the agent will ingest and interpret untrusted third‑party content from public sites/URLs.