oxylabs-headless-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and examples.md explicitly show connecting a remote Oxylabs headless browser and using Playwright/Puppeteer to page.goto arbitrary public URLs (e.g., page.goto("https://example.com/products")) and read/act on page.content()/elements, meaning untrusted third‑party web content is fetched and can influence subsequent actions.