browser-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs using the Browser Use SDK / open-source Agent (e.g., client.run or Agent.run) to browse and scrape public websites such as "取得 Hacker News 前 5 則標題", so the agent will fetch and interpret untrusted, user-generated/open web content as part of its workflow.