flywheel-qa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and navigates to Vercel preview deployment URLs (see "Get Preview URL" extracting https://*.vercel.app) and uses the Agent Browser to read page content and console messages as part of its QA workflow, so untrusted public third-party content can influence decisions and actions (pass/fail, PR comments).