accessibility-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Automated Testing" section instructs running tools (e.g., "npx lighthouse https://yoursite.com", "npx @axe-core/cli https://yoursite.com", "npx pa11y https://yoursite.com"), which clearly requires fetching and analyzing arbitrary public websites (untrusted third-party content) as part of the workflow, so page content could influence the agent's findings and next actions.