israeli-ecommerce-compliance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md (Step 4) and multiple examples explicitly require using "browser automation" to scan and "scan website" content (public/third‑party web pages / arbitrary URLs) and then base compliance findings and recommended fixes on that content, so it ingests untrusted third‑party material that can influence tool actions and decisions.