web-performance-optimization

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow instructs running Lighthouse audits and analyzing target site data (e.g., "Run Lighthouse audits" and the example command lighthouse https://yoursite.com and examples that load external scripts like https://analytics.com/script.js), which means the agent would fetch and interpret content from arbitrary public websites and use those results to drive optimization actions—exposing it to untrusted third-party content that could influence behavior.