wcag-audit-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to load and analyze arbitrary public websites as part of its workflow (e.g., Playwright examples using page.goto('/') and runAccessibilityAudit that runs axe on the page, plus CLI examples like "npx @axe-core/cli https://example.com", "npx pa11y https://example.com", and Lighthouse against URLs), so it clearly fetches and interprets untrusted third‑party web content.