compare-flights

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and browser-scrape live data from public third-party sites (e.g., Skiplagged, Kiwi.com, Google Flights via browser automation, seats.aero and portal websites) and to read/interpret those results to drive pricing, award/transfer calculations and follow-up actions, exposing the agent to untrusted web content that can materially influence decisions.