technical-seo-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and bulk-audit-playbook explicitly require fetching and parsing arbitrary public URLs, sitemaps, robots.txt and page HTML (e.g., "Perform a technical SEO audit for [URL/domain]", "Audit Crawlability — review robots.txt, sitemap discovery", and Data Sources: "Use web crawler... otherwise ask for URLs, PageSpeed reports, robots.txt, and sitemap"), so the agent will ingest untrusted third‑party web content which can materially influence audit decisions.