ds-brain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 2 Path A and Path B) ingests third‑party platform data via the Dataslayer MCP (explicitly fetching Search Console queries, GA4, Google Ads, Meta/LinkedIn, Stripe, etc.) and accepts user-provided CSV/JSON tables, and that untrusted/user-generated content is parsed and cross‑referenced to drive decisions (e.g., pausing campaigns, reallocation) — creating a clear vector for indirect prompt injection from external data sources.