daub-ui
Warn
Audited by Snyk on Apr 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Playground explicitly fetches and ingests arbitrary web pages via the Link feature/backend (functions/api/weblook.js) and includes the captured page text and screenshot in messages (see PIPELINE.md's buildMessages and CHANGELOG v3.2.0), meaning content from untrusted public URLs can be read and can influence generation and subsequent tool actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).