agent-cli-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory Site Archaeology phase (Phase 3 and references/site-exploration.md) instructs the agent to navigate to arbitrary target URLs, capture network traffic, snapshot DOM, and run evaluate/fetch calls against public third‑party websites and APIs—clearly ingesting untrusted user-generated/open web content that can influence subsequent CLI implementation and actions.