ui-design-ethos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Audit mode explicitly accepts a "live URL" as an input to review existing UIs (Mode 2 — "Trigger: User shares ... live URL") and requires the agent to read and evaluate that content as part of its workflow, so arbitrary public web pages could be ingested and influence audit decisions.