marketplace-advertising

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls and processes user-generated search queries from Amazon's search term reports (see "Campaign Manager → [Auto Campaign] → Search Term Report" in SKILL.md and the keyword-harvesting task which uses the Amazon Advertising API reporting endpoints), meaning untrusted third-party content is ingested and used to drive campaign actions like adding keywords and negatives.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes programmatic controls for advertising spend: it instructs setting daily budgets and bid amounts, gives concrete rules to increase/reduce bids, and contains sample code using the Amazon Advertising API (token fetch and an optimizeBids routine) to adjust bids programmatically. Per the core rule, API-based management that updates bids/budgets is direct management of ad spend (financial execution), so this is a specific tool to move money/allocate spend.