multi-location-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs running endpoints for "audits, rankings, and reviews" using tools like LocalSEOData/Local Falcon and "review monitoring" and "citation" tools, which ingest public user-generated content (reviews, listings, SERP data) that the agent is expected to read and use to drive decisions.