wcag-audit-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md step 1: "Run automated scans (axe, Lighthouse, WAVE) to collect initial findings") and the playbook examples (resources/implementation-playbook.md showing CLI/Playwright commands like npx @axe-core/cli https://example.com and page.goto('/')) instruct the agent to fetch and analyze arbitrary public websites, which are untrusted third-party content that the agent must read and act on.