audit-website

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly crawls and fetches arbitrary live websites provided by the user (e.g., "squirrel audit https://example.com", "Crawl: Discovers and fetches pages starting from the base URL") and checks external links, then produces LLM-optimized output intended for AI agents to read, which means untrusted public web content can be ingested and interpreted by the agent.