core-web-vitals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Measurement tools" section explicitly tells the user to run npx lighthouse and references field-data sources like the CrUX API and Search Console, which requires fetching and interpreting arbitrary public web pages and their content as part of the workflow, exposing the agent to untrusted third‑party content.