static-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md Phase 1 and Phase 3) instructs the agent to fetch and audit live site resources (e.g., confirm /sitemap.xml and /robots.txt, run linkinator against https://example.com, and send pages to the Rich Results Test/IndexNow), which clearly ingests open/public third-party HTML and metadata that could contain untrusted/user-generated content and thereby influence subsequent audit actions and generated fixes.