geo-bulk-processor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly requires ingesting and profiling external URL lists and sitemaps (SKILL.md "Ingest and profile the corpus" and references/bulk_pipelines.md "Ingest sitemap(s) and URL lists"), meaning the agent will fetch and interpret arbitrary public web content that could contain untrusted, user-provided instructions influencing pipeline decisions.