product-frontend-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts “design reviews of existing sites” and states the user may provide “a live URL,” meaning the agent is expected to fetch and analyze arbitrary public websites (untrusted third-party content) as part of its workflow.