peach-e2e-suite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly runs browser-driven E2E scenarios and uses agent-browser eval to read DOM/title/location and extract values (e.g., orderId) from pages specified by the suite/md and the E2E_BASE domain, allowing arbitrary/public URLs to be ingested and those page contents to drive subsequent steps and environment-variable-driven tool actions.