brightdata-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and ingest arbitrary public web and social content (e.g., platform scrapers in SKILL.md and references/scrapers.md, the generic web unlocker client.scrape_url() in references/advanced.md, SERP/discover methods in references/search.md, and Browser API/scraper-studio flows) and to read/act on those results as part of multi-step workflows, which exposes it to untrusted third‑party content that could carry indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses the Browser API at runtime which returns/uses a WebSocket connect URL (e.g., wss://username:password@brd.superproxy.io:9222) that is fetched and used to connect to a remote browser/CDP and thus enables execution of remote code/commands.