security-headers-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill includes a "Header Testing Script" that calls requests.get(url) to fetch and inspect headers from arbitrary public websites (test_security_headers), so it ingests untrusted third-party content as part of its workflow.