test-driven-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md "Browser Testing with DevTools" section explicitly instructs the agent to navigate pages and read DOM, console, and network responses (browser page content), which are untrusted third-party web content the agent is expected to inspect and use to diagnose and decide fixes, creating a clear avenue for indirect prompt injection.