content-security-policy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 workflow explicitly fetches CSP headers and page content from arbitrary URLs and domains (using curl, sitemap spidering, and homepage link extraction up to 20 pages), which ingests untrusted, third‑party web content that the agent parses and uses to drive analysis and reporting.