clean-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Agent → Script Mapping and Script Output Handling explicitly require running scripts that accept arbitrary URLs (e.g., lighthouse_audit.py <url>, playwright_runner.py <url>) and mandate reading and summarizing their output, so the agent will fetch and interpret untrusted public web content as part of its workflow.