on-page-seo-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires fetching and parsing arbitrary public page URLs (see Quick Start examples, Data Sources: "use web crawler...otherwise ask for page URL/HTML", and Step 1 "Read the page's H1, title tag, meta description, first 200 words") and uses that content to compute scores and drive follow-up actions, so the agent ingests untrusted third‑party web content that could contain indirect prompt-injection vectors.