cloakbrowser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and executes against arbitrary public websites as part of normal operation (see SKILL.md and scripts/fetch.py, scripts/eval-js.py, screenshot.py, pdf.py which take a URL and load remote pages), so untrusted third‑party content is ingested and can influence subsequent actions.