web-performance-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's measure_performance(url) function (and references to Lighthouse, PageSpeed Insights, WebPageTest and "field_data") indicates it fetches and analyzes arbitrary public URLs and field data (user-provided websites), exposing the agent to untrusted third-party web content.