seo-backlinks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and ingest backlink data from open/public third-party sources (e.g., Common Crawl domain graph via scripts/commoncrawl_graph.py, DataForSEO via dataforseo_backlinks_summary, and external APIs like Moz/Bing invoked by python scripts/backlinks_auth.py), and then directly uses that untrusted, user-generated web content to drive analysis, scores, and remediation actions (e.g., disavow recommendations), which could allow indirect prompt injection.