accessibility-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs agents to fetch and analyze web pages (e.g., the "Agent-Driven Accessibility" Task with url 'https://example.com/checkout', Playwright examples using page.goto('/'), and the output schema/metadata requiring a targetUrl), which means the agent will browse and ingest arbitrary public URLs whose content could influence tooling and actions.