content-quality-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly accepts and fetches arbitrary public URLs/page content (see "Quick Start" examples accepting "[content text or URL]" and the "Data Sources" section: "With web crawler ... Automatically fetch page content, extract HTML structure, check schema markup, and pull competitor content"), and the agent is required to read and act on that untrusted third‑party content to compute vetoes, scores, and follow-up actions—creating a clear path for indirect prompt injection.