core-web-vitals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill demonstrates runtime ingestion and rendering of third-party/untrusted content — e.g., AdSlot uses loadAd(slot) to fetch/display ads, the Article example uses dangerouslySetInnerHTML(article.content) and fetchRelated/ loadAd calls, and the docs reference external analytics/scripts (e.g., https://slow-analytics.com/script.js, analytics.example.com) and third-party embeds/iframes — which clearly expose the agent to untrusted, user-provided web content.