seo-pseo-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and CASE-STUDIES.md explicitly instruct ingesting untrusted third-party content — e.g., Step 3 "Gather Content" lists UGC, Web Scraping and APIs, the "Tattoos AI" pipeline describes a cron job that collects user-generated prompts/images, "Landingfolio" mentions a Product Hunt scraper, and the HeadshotPro failure case describes scraping Google Maps — all of which the agent is expected to read, categorize, and act on to create pages.