troubleshoot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 5 frontend verification workflow and the "Authentication for Frontend Verify" section explicitly instruct the agent to open and interact with arbitrary web URLs (e.g., agent-browser open <login-url> --headed, state save/load, OAuth flows), which requires fetching and interpreting untrusted third‑party web content as part of its verification and decision-making process.