icp-website-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs crawling and fetching public websites (Phase 2: "Crawl the client's site" and Phase 3: "Crawl the competitor's site") and checking external presence like search results, review sites, and social proof—all untrusted, public third-party sources that the agent must read and that directly influence scoring and recommendations.