nextjs-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Quick SEO Audit" explicitly tells the user/agent to fetch and inspect public site resources (e.g., "curl https://your-site.com/robots.txt", "curl https://your-site.com/sitemap.xml" and "View page source"), meaning the agent would read and act on untrusted, user-controlled public web content (robots.txt, sitemap, page HTML) that can influence its diagnostic decisions and next actions.