orangeapple-class-report

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to use Chrome DevTools to fetch and scrape content from external pages (https://corp.orangeapple.co/stages/{stage_id} and https://exam.orangeapple.co/classrooms/{classroom_id}), ingesting student lists and exam results which the agent must interpret and use to repair transcripts and drive report-generation, so untrusted third‑party page content can materially influence actions.