wcag-accessibility-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly asks for live URLs ("urls_or_screenshots: Live URLs (preferred)") and instructs the agent to review and run automated/manual tests (axe, WAVE, W3C Validator, screen reader navigation) on those public webpages, meaning the agent will fetch and interpret untrusted third‑party web content as part of its workflow.