browse-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to and extracts data from arbitrary public URLs (e.g., via "browse goto " and subsequent commands like "browse meta", "browse headings", "browse schema", running custom "browse js", and fetching "/robots.txt" and "sitemap.xml"), so it ingests untrusted third‑party webpage content that the agent reads and uses to drive audit decisions.