transition-reverse-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly opens arbitrary reference URLs and ingests third‑party site content (DOM/CSS/JS bundles) as part of its mandatory workflow — see "Step 0: Capture Reference Frames" and the "Find and download JS bundles" sections in SKILL.md/js-animation-extraction.md which fetch scripts/styles via agent-browser/fetch/curl for analysis — so untrusted web content is read and used to drive extraction and implementation decisions, enabling indirect prompt injection risks.