seo-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 3 "Analyze" workflow instructs the agent to open a browser session and fetch/inspect arbitrary, user-provided public URLs (inspect_page DOM, fetch /robots.txt and /sitemap.xml, verify og:image URLs, extract JSON-LD), which are untrusted third-party content that the agent will read and act upon.