ads-dna

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (Step 2 "Fetch Pages") uses the WebFetch tool to retrieve visible text, blocks, meta tags, Google Fonts URLs, and og:image values from arbitrary website URLs provided by the user, and Step 3 explicitly instructs the agent to interpret that untrusted third‑party page content to construct brand-profile.json and drive subsequent ad-generation actions.