debug-optimize-lcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md Steps 1–3) instructs the agent to navigate to arbitrary target URLs and run evaluate_script and network-inspection tools (see references/lcp-snippets.md) to ingest DOM, resource URLs, and timing data from public web pages, which the agent then interprets to drive analysis and remediation decisions—exposing it to untrusted third-party content that could inject instructions indirectly.