landing-page-breakdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly tells the agent to "Navigate to the landing page URL" and run JavaScript (e.g., the document.querySelectorAll/getComputedStyle extraction snippets in SKILL.md) to ingest page text and styles from arbitrary public landing pages, which are untrusted third‑party content the agent will read and use to drive analysis and next actions, enabling indirect prompt injection.