link-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 2 "Link Extraction & Validation" (SKILL.md) explicitly performs HEAD/GET requests against arbitrary external URLs extracted from static pages and CMS items and uses the external responses (status codes, redirects, HTTPS availability) to decide automatic fixes and updates, exposing the agent to untrusted third‑party web content.