battle-card

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md Act 1 (Intelligence Gathering) explicitly requires pulling and mining public, user-generated review sites (G2, Capterra, TrustRadius), competitor URLs, and pricing pages to extract quotes and evidence used to build the battle card, which clearly ingests untrusted third‑party content that can influence subsequent actions.