ads-competitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to research and read public ad content from third‑party sources—e.g., Google Ads Transparency Center, Meta Ad Library, LinkedIn Ad Library, TikTok Creative Center, and tools like SEMrush/SpyFu—and to analyze that untrusted public content as part of its workflow, which could allow indirect prompt injection via advertised copy or user‑generated entries.