production-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly permits and instructs the agent to perform browser/HTTP checks on a deployed URL ("If a deployed URL is in scope, use browser or HTTP checks only against that URL"), meaning the agent will ingest untrusted third-party web content as evidence that can materially influence audit findings.