peach-e2e-browse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly opens and reads arbitrary web pages and resources (e.g., SKILL.md workflow: agent-browser open "https://대상URL", eval "document.body.innerText..." and references/Flutter-웹앱-패턴.md which fetches and parses '/ui/main.dart.js'), so the agent ingests untrusted, public third-party content and uses it to drive actions (clicks/fetches/decisions), enabling indirect prompt injection.