seo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and analyzes arbitrary URLs and competitor pages (see the Input Schema "If URL, will attempt to fetch and analyze", the competitor_urls field, and Example 3's "use web_search or web_browse" instruction), so untrusted third-party page content would be read and used to influence audits and recommendations.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches and analyzes user-supplied URLs at runtime (e.g., entries in the "content" field or "competitor_urls" such as https://competitor.com/heygen-review), and that fetched page content is injected into the agent's audit context—so external content can directly influence the model's prompts/results.