seo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and render arbitrary web pages for auditing (e.g., the "Schema Markup Detection Limitation" section tells the agent to use a browser tool to render the page and run document.querySelectorAll(...) and to use public tools like Google Rich Results Test), which means it ingests and interprets open/public third‑party site content as part of its workflow.