performance-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Audit Workflow and Playwright MCP Commands explicitly instruct the agent to "playwright_navigate" / "Navigate to [URL] and measure page load performance" and to capture screenshots and network requests, which means it will fetch and analyze arbitrary public web pages (untrusted third‑party content) as part of its workflow.