plausible-insights

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and examples explicitly require the agent to fetch and read live public web pages via WebFetch (e.g., "CRITICAL: Fetch the actual /pricing page" and the WebFetch calls in the Workflow/Examples), so the agent ingests open/public page content and uses it to drive analysis and recommendations.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly performs WebFetch at runtime to fetch arbitrary site pages and inject their content into analysis prompts (e.g., WebFetch: https://yoursite.com/pricing), so remote page content directly controls the agent's instructions and is required for its analysis.