browserbase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly creates cloud browser sessions for Playwright/Puppeteer and exposes debug URLs, session recordings, and downloaded files via the Browserbase API (see "When to Use" and steps "Create a Session", "Get Debug/Live URLs", "Get Session Recording", and "Get Session Downloads"), which means the agent will load and consume arbitrary public web pages and their content (untrusted third-party sources) as part of its workflow and that content could influence subsequent actions.