stagehand-browser-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to arbitrary public URLs via the "browser navigate " command and then uses Stagehand's page.act/page.extract to read and act on live web pages (see EXAMPLES.md and REFERENCE.md which show visiting techcrunch.com, google.com and arbitrary URLs), so untrusted third‑party page content can be ingested and influence the agent's actions.