qe-visual-accessibility

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md agent workflow and Visual Testing Operations explicitly instruct the agent to fetch and audit arbitrary web pages (e.g., accessibilityAgent.audit({ url: 'https://example.com' }), responsiveTester.test({ url: 'https://example.com' }), visualTester.compareScreenshots against production/staging) and the evals YAML includes an external image_url, so the agent ingests untrusted third‑party web content which is parsed and used to generate reports and remediation that materially influence decisions.