security-visual-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflows (e.g., "Security Visual Audit (Full Pipeline)" and CLI examples like aqe test visual-audit --url https://example.com and aqe screenshot --url ...) explicitly fetch and scan arbitrary public URLs and page content, so the agent consumes untrusted third-party web pages whose content could influence scanning/decision logic and enable indirect prompt-injection.