bmad-agent-marketing-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports a "Live Website URL Audit" in ./references/shared-patterns.md and the SKILL.md Starting Context Router and agent-browser setup steps (install/use agent-browser or WebFetch/WebSearch) require fetching and auditing a user-supplied public URL, so the agent will read and act on arbitrary third-party web content that can influence its recommendations.