dev-test-electron

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md and examples like "Page.navigate" and the scripts/examples using curl + /json/list, Page.navigate to http(s) URLs, Runtime.evaluate/DOM.querySelector, and Network.getResponseBody) instructs the agent to load and read web pages and network response bodies (including arbitrary http/https targets) from renderer targets, so it clearly ingests untrusted third‑party web content and then uses that content to drive test decisions and follow‑up actions.