competitive-ads-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to scrape/extract ads from public platforms like "Facebook Ad Library" and "LinkedIn" (e.g., "Extracts Ads: Scrapes ads from Facebook Ad Library, LinkedIn, etc." and the example "Accessing Facebook Ad Library..."), so the agent ingests untrusted third-party ad content and uses it to drive analysis and recommendations, creating a risk of indirect prompt injection.