accessibility-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Quick Audit Checklist explicitly instructs running automated scanners (e.g., npx @axe-core/cli <url>, npx pa11y <url>, Lighthouse) against arbitrary pages/URLs and to review those page/PR contents as part of the audit, which means the agent would ingest and act on untrusted public web content (SKILL.md "Automated Snapshot (Recommended)").