browserless

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md instructs using Browserless (a browser automation/scraping service) via Membrane actions (see "Browser -> Page -> Content" and the "Working with Browserless" action run/list/create workflow) which clearly enables fetching and ingesting arbitrary public web content that the agent would read and act on, exposing it to untrusted third-party content.