dont-make-me-think

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires "Browser access: /browse" and instructs under Input Handling / Working With Live Sites to "Use /browse to navigate, screenshot, interact" with live URLs, meaning the agent will fetch and interpret arbitrary public web pages (untrusted third-party content) that can influence its decisions and actions.