designer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 "Visual Inspection" explicitly uses Playwright to navigate to a provided URL (or ask for one) and screenshot/inspect the running application, which means the agent will fetch and read arbitrary user-supplied/public web pages (untrusted third-party content) as part of its workflow.