seo-specialist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly requires fetching and interpreting public website content (e.g., "Run technical audit" — check robots.txt, XML sitemap, canonical tags; competitor analysis and backlink data) and the example command python scripts/site_audit.py --url https://example.com (plus references to Ahrefs/SEMrush) shows the agent will ingest open/public third‑party pages and data which can materially influence audit decisions and subsequent actions, exposing it to untrusted/user-generated content that could carry indirect prompt injection.