web-design-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly asks the user for a target URL and instructs the agent to navigate to that URL and retrieve DOM/screenshot data (see SKILL.md Step 1.1 "Please provide the URL..." and Step 2.1 "Navigate to the specified URL / Retrieve DOM structure"), which means it fetches and interprets arbitrary public web content that could be untrusted and influence subsequent actions.