lighthouse-ci-integrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs running Lighthouse against external URLs (e.g., the GitHub Action that runs lhci autorun --url=${{ steps.wait-for-vercel.outputs.url }} and the run-lighthouse.ts --url <url> option), meaning the agent fetches and analyzes untrusted/public web pages (deploy previews or arbitrary URLs) whose content can influence CI decisions, PR comments, and alerts.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The GitHub Actions steps in the CI workflows (for example uses: actions/checkout@v3 -> https://github.com/actions/checkout) are fetched from GitHub and executed at workflow runtime, so they are runtime external dependencies that execute remote code required by the provided CI job.