frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and read third‑party pages (e.g., "BEST: Fetch https://web-platform-dx.github.io/web-features-explorer/groups/ and find the feature in there, then fetch its detail page" in "How to Check Baseline Status"), which requires ingesting untrusted public web content that can influence feature recommendations.