geo-competitor-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses arbitrary public competitor sites (see scripts/scan_competitors.py fetch() calls and SKILL.md examples like "python scripts/scan_competitors.py --competitors competitor1.com") — pulling /llms.txt, /robots.txt, homepages, /about, sitemaps, etc. — and uses that untrusted, user-specified web content to drive scoring and analysis, so third-party content can materially influence decisions and enable indirect prompt injection.