landing-page-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main script (scripts/scrape_landing_page.py) explicitly fetches arbitrary public HTML via requests.get for the user-supplied --url/--pages and then parses that untrusted webpage content (CTAs, hidden comments, structured data, etc.) to infer tech stack and sales motion, so third-party site content can materially influence its outputs and downstream decisions.