bmad-agent-marketing-analytics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Shared Patterns and Research Mode explicitly instruct the agent to audit user-provided live websites and to run agent-browser commands that open arbitrary public URLs (e.g., "agent-browser --session analytics-research open 'https://{domain}'" and Pagespeed/Rich Results/Schema validators), meaning it fetches and interprets untrusted third‑party web content as part of its required workflow.