astro-github-actions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow templates (references/workflows.md and SKILL.md) include Lighthouse CI Option B and the Link Checker jobs that explicitly run against deployed preview URLs and external site links (e.g., using ${{ github.event.deployment_status.target_url }}, lycheeverse/lychee-action, and treosh/lighthouse-ci-action), which causes the CI to fetch and interpret untrusted, user-provided public web content that can change CI gating/decisions.