seo-technical

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and analyze live public site content (robots.txt, XML sitemaps, page HTML/JS rendering, Core Web Vitals via DataForSEO and Google API scripts) — i.e., ingesting untrusted, user-controlled web pages as part of the audit workflow — which could allow third-party page content to influence analysis and subsequent actions.