aesthetic-system

Warn

Audited by Snyk on Feb 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's mandatory Phase 0 research and the browser helper instructions (references/browser-helpers.md) explicitly direct the agent to navigate to public URLs (e.g., coolors.co, fonts.google.com, user-provided example.com) and extract their content, and to use web grounding via Gemini. As a result, untrusted third-party pages are fetched and their content is interpreted to drive design decisions and downstream agent actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 23, 2026, 09:35 PM