performance-profiling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts/lighthouse_audit.py (and the SKILL.md usage example) explicitly run Lighthouse against arbitrary URLs (e.g., python scripts/lighthouse_audit.py https://example.com), which fetches and analyzes open/public web pages so untrusted third‑party content can influence the generated report and any downstream decisions.