marketing-cro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Research Mode and Context C (Live Website URL Audit) explicitly direct the agent to visit and scrape live public pages using agent-browser (e.g., agent-browser --session cro-audit open "https://{page-url}" and agent-browser get text body), meaning it ingests arbitrary third-party web content provided at runtime and uses that content to drive audits and recommendations.