reviewing-a11y

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the orchestrator to fetch and analyze live, user-provided URLs and Figma links using Playwright (mcp__playwright__browser_navigate / snapshot) and WebFetch as part of its required workflow (see SKILL.md / SKILL.ja.md and references/page-review.md and references/design-review.md), so it ingests arbitrary public third‑party content that can materially influence tool use and decisions.