browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows and examples explicitly direct the agent to open and interact with public websites (e.g., New Page to https://example.com and ${BASE_URL}=https://the-internet.herokuapp.com) and use Get Text/Get Url assertions on that externally fetched content to drive test flow, so untrusted third‑party page content could influence agent actions.