convert-url-to-nextjs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly supports live URL capture and mirrored downloads (see SKILL.md "Capture Wave" and references/capture-workflow.md and references/input-output-spec.md), using run-agent-browser to open arbitrary public URLs and download CSS/JS/fonts/images which the agent then parses and acts on as evidence, so it ingests untrusted third‑party web content that can materially influence decisions and tool use.