team-visual-a11y

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's auditor roles (e.g., roles/color-auditor/role.md and roles/focus-auditor/role.md) explicitly accept target URLs from the task description and use mcp__chrome-devtools__navigate_page and evaluate_script to fetch and inspect rendered web pages as part of required audit steps, so arbitrary public web content (untrusted/user-controlled) is ingested and can materially influence subsequent actions.