agent-readiness-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and interprets live public docs (SKILL.md directs "direct HTTP requests, sitemap sampling, and page-level inspection" and scripts/baseline-probes.sh uses curl against BASE_URL/llms.txt, /sitemap.xml and sampled page URLs, including Accept: text/markdown), so it ingests untrusted third‑party web content that directly influences scoring and remediation actions and could enable indirect prompt injection.