domain-authority-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and evaluates content from target domains and URLs as part of its required workflow (see "Reads: the target domain..." in the Skill Contract and the "Security boundary — WebFetch content is untrusted" section of the Runbook), meaning it ingests untrusted public web content that can directly influence scoring, veto caps, and downstream actions.