web-design-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly requires navigating to and retrieving content from the provided URL (Step 1.1 URL Confirmation and Step 2.1 Page Traversal in SKILL.md), including capturing screenshots and DOM snapshots of potentially public production sites, so the agent will ingest and act on arbitrary third‑party web content that could contain malicious or instructive text influencing its actions.