seo-hreflang

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider free text is ingested when the skill fetches and parses runtime HTML from the user-supplied target domain (homepage + representative pages) via Firecrawl/WebFetch, extracting arbitrary <link rel="alternate" hreflang="…"> values from those pages into the LLM context; this is untrusted public web content authored by others.