homepage-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Audit Without Access" section explicitly tells the agent to request a "URL to review via web fetch," which requires fetching and interpreting arbitrary public webpages (untrusted third-party content) as part of the audit workflow.