seo-sxo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow fetches and parses an arbitrary target URL provided by the operating user (Step 1: scripts/fetch_page.py + scripts/parse_html.py), which can ingest outsider-authored free text from third-party webpages into the agent’s LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches the user-supplied target URL (the runtime parameter "" used with the /seo sxo command) via scripts/fetch_page.py and then parses and injects that page content into the SXO analysis/wireframe generation, so external page content can directly control the agent's outputs.