wordpress-theme-to-emdash

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 discovery instructions (phases/1-discovery.md and SKILL.md) require the agent to use agent-browser to open arbitrary demo URLs, fetch/download sample images, and even auto-derive and fetch listing/demo pages (e.g., "agent-browser open https://demo-site.com", "curl -O https://downloads.wordpress.org/theme/theme-name.zip", "Fetch the listing page to extract demo URL..."), which clearly ingests untrusted public web content that the agent is expected to read and use to drive subsequent conversion and seeding decisions.