auth

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill fetches and parses a public endpoint (Step 1: curl "https://admin.hlx.page/config/${ORG}/sites.json") to extract a SITE value that is then used to construct the Playwright login URL and drive subsequent actions, so untrusted public content is read and can materially influence the agent's behavior.