purple-cow-audit
Warn
Audited by Snyk on Mar 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Workflow Step 1 explicitly instructs the agent to perform web_searches for public reviews, comparisons, and complaints and to check the product website (open/public third‑party and user‑generated sources), and those findings are required evidence that directly influence the audit score, recommendations, and subsequent tool actions—so untrusted content could materially affect agent behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata