audit-website-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and audit arbitrary user-supplied public URLs (see SKILL.md "Step 2: Run API Calls" calling /lighthouse?url={URL}, /links?url={URL} and the API Reference), meaning it ingests untrusted third-party web content and uses that content to generate actionable recommendations and drive next actions.