performance-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires navigating to user-specified target URLs and opening a browser session to capture and analyze live page resources (Phase 2 "Target URL" and Phase 3 "Browser validation" using performance.getEntries()/resource and script domain inspection), which means it fetches and interprets content from arbitrary public websites that could be untrusted.