team-frontend-debug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to and ingests content from arbitrary target/base URLs provided in user input (see roles/reproducer/role.md and tester/role.md using mcp__chrome-devtools__navigate_page and snapshot/console/network captures) and then analyzes that untrusted page content as required evidence to drive analyzer/fixer/verifier decisions, so third‑party page content can materially influence agent actions.