ux-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to crawl and fetch arbitrary public websites (user-provided URLs) using Exa MCP / WebFetch / WebSearch (see SKILL.md "Prerequisites — web crawling tool" and "Step 1. Data collection"), and it ingests and interprets that untrusted third‑party page content to produce audit findings and drive recommendations.