Your AI agent did exactly what it was designed to do. The framework underneath it just handed an attacker a shell on the box that holds your OpenAI key, your database credentials, and your CRM tokens.
Browser-in-browser, navigate to the address of WRP and use the built-in web form to browse web. HTTP proxy mode which offers more seamless, but also limited use. Semi compatible with https://. ISMAP ...