seomachine
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and scrapes open web content: _fetch_word_count in modules/content_length_comparator.py uses requests and BeautifulSoup to retrieve competitor URLs taken from SERP results; SKILL.md and content_brief_generator.py call out "--scrape-top-n 10" and "Competitor H2/H3 structure (scraped)"; and DataForSEO.get_serp_data returns arbitrary organic_result URLs. Untrusted third-party pages are therefore ingested, and their content is used to drive recommendations and actions.
Audit Metadata