seo-roast

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md requires the assistant to accept arbitrary URL(s) to "roast" and explicitly instructs using a browser or the agent-browser CLI to open those pages and extract text/HTML/screenshots (e.g., "agent-browser open ", "agent-browser get text/get html"), meaning the agent will fetch and interpret untrusted third‑party web content as part of its workflow.