ln-501-code-quality-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory "MCP Ref validation" step instructs the agent to run ref_search_documentation / query-docs / context7 lookups (e.g., ref://owasp-session-management, ref://javascript-performance) to research external/public documentation and the diagram.html references an external CDN, so the agent will fetch and interpret open third‑party web content as part of its workflow.