accessibility-auditor-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's core workflow explicitly requires fetching and analyzing target web pages (e.g., "npx lighthouse https://example.com", "npx pa11y https://example.com", "cy.visit('/')", and in-page DOM checks like document.querySelectorAll('img:not([alt])')), so it ingests untrusted public web content which the agent reads and uses to drive audit findings and next actions.