web-performance-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to load and analyze arbitrary web pages (e.g., navigate_page(url: ""), performance_start_trace, list_network_requests), which fetches and interprets untrusted public web content that could contain indirect prompt injections.