review-generation-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests and processes user-generated reviews via the review submission and moderation workflows (see review-endpoints.ts / moderation.ts and the SKILL.md moderation and tokenized submission sections), meaning the agent reads untrusted customer-supplied content from the pending review queue which directly drives moderation decisions and follow-up actions.