accessibility-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Audit Workflow explicitly navigates to arbitrary web pages (e.g., browser-devtools-cli $SESSION navigation go-to --url "https://example.com") and then takes ARIA snapshots and AX-tree snapshots and performs interactions on that page, meaning it fetches and interprets untrusted public web content that could contain indirect prompt injections.