web-design-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Recommended Workflow explicitly instructs the agent to "Open the page with a browser-capable MCP client such as Playwright MCP" and maps browser tools like browser_navigate/browser_snapshot, so the agent will fetch and read arbitrary live web pages (public/untrusted third‑party content) as part of its inspection and remediation decisions.