profiling-performance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md "Step 1: Identify Audit Target" and "Step 2: Run Lighthouse Audit") instructs the agent to fetch and run Lighthouse on arbitrary target URLs, meaning it ingests and analyzes untrusted public web content which can directly influence audit results and the agent's subsequent recommendations.