reference-to-landing-page

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly navigates to and captures arbitrary public reference URLs (see SKILL.md Step 1 "Capture the Reference Page" using Playwright MCP's browser_navigate, browser_snapshot, and extracted accessibility tree), ingesting untrusted third-party page content that is then analyzed and used to drive section mapping and component selection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly navigates to and captures a user-supplied reference URL at runtime via browser_navigate({ url: "" }) (e.g., mlb.asu.edu), and the fetched page content is parsed and injected into the agent's generation/mapping flow, so the external URL directly controls agent behavior.