seo-health

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/health-crawl.sh and scripts/health-images.sh) and the workflow in SKILL.md fetch and parse arbitrary public site content (sitemap, robots.txt, and page HTML via curl for https://), and the skill explicitly states "the agent reads the output, prioritizes fixes, and adds them to your task list," meaning untrusted third‑party page content is ingested and can influence the agent's next actions.