stealth-browser

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). This large list contains numerous high‑risk indicators — URL shorteners and redirectors, affiliate/ad networks, personal/file‑hosting and IP addresses, obscure/typosquatted domains and direct executable/mobile APK links (e.g. loader.to/loader.apk) — all common malware distribution vectors, so the sources are suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). High likelihood: the skill’s runtime “read ”/CDP flow ingests outsider-authored free text from arbitrary web pages (public web content fetched at runtime) into the agent’s LLM context via markdown extraction.