ci-cd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's required CI workflows fetch and analyze live site content (e.g., .github/workflows/accessibility-scan.yml which passes a configurable "urls" value to github/accessibility-scanner@v3, the Deep Site Audit Playwright crawl that visits and audits the site, and references to external "Open-Scans"), so it clearly ingests untrusted/public web pages whose content can influence failing builds, auto-file issues, and drive an automated remediation agent.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The example GitHub Actions workflow includes external actions that are fetched and run at CI runtime (notably github/accessibility-scanner@v3 — https://github.com/marketplace/actions/accessibility-scanner), which means remote repository code will be executed as a required dependency.