web-design-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires navigating to and retrieving DOM/snapshots from arbitrary provided URLs (see "Step 1.1 URL Confirmation" and "Step 2.1 Page Traversal") and lists "Web Page Navigation" and "DOM Retrieval" as required capabilities, so untrusted third-party page content would be ingested and used to drive inspection and fixes—enabling indirect prompt injection.