wp-to-static

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly mirrors and fetches the target WordPress site via wget from the user-supplied WP_SITE_URL (Step 3) and then parses and interprets the site's HTML/CSS to build and modify the static site (Step 5–6), so untrusted, user-generated web content can influence its processing and downstream actions.