google-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly crawls and fetches arbitrary public URLs supplied by the user (see SKILL.md orchestration and scripts/crawl_site.py and scripts/fetch_page.py), parses HTML/JSON-LD and robots.txt (parse_html.py and the /llms.txt check), and the rules engine uses those extracted facts to produce audit verdicts—so untrusted third‑party content is ingested and can materially influence decisions.