uipath-interact

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to "Drive live desktop applications and browser tabs" and to "read values, inspect UI state, ... extract table data" from running applications, which means the skill will ingest and act on untrusted third‑party web/page content displayed in browser tabs or apps and thus could be subject to indirect prompt injection.