BrightData

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and ingests arbitrary public web content from user-provided URLs (see SKILL.md and Workflows/FourTierScrape.md and Workflows/Crawl.md which call WebFetch, curl/Playwright, and Bright Data MCP/scrape_batch), and it parses that content and extracted links to drive further scraping and tool actions, so untrusted third‑party content can materially influence agent behavior and enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches arbitrary user-provided URLs at runtime (e.g., the [URL] passed to WebFetch/Curl/Playwright such as https://example.com) and injects page content and discovered links into the agent workflow—content which is used to drive subsequent agent tool calls and crawling decisions, so external pages can directly influence agent instructions.