recorder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow instructs running opensteer record --url <url> (Quick Start / Workflow step 1) and then to read and summarize the generated script at .opensteer/workspaces/<id>/recorded-flow.ts (Workflow step 7–8), which means it will browse/record arbitrary public URLs and ingest untrusted third-party content that can influence replayed actions.