javascript-dom-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes public web pages as part of its required workflow (see SKILL.md operations like detect_framework_globals, analyze_dom_attributes, check_source_maps and the "Page fetches: 10/minute" / "Only fetch and analyze public pages" notes), so untrusted third-party page content is ingested and can influence detections and subsequent actions.