roier-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's audit scripts (scripts/audit.js using Lighthouse and scripts/audit-api.js calling the PageSpeed Insights API) fetch and analyze arbitrary publicly accessible URLs and parse audit.details.items (including node.snippet), so the agent consumes untrusted third‑party web content that could carry indirect prompt injection.