performance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts an arbitrary target.url (Input Schema -> target.url) and its example k6 scripts perform http.get and inspect response bodies (e.g., check(res, {'body contains expected': (r) => r.body.includes('success')})), so it clearly fetches and interprets untrusted third‑party web content provided via URLs.