marketing-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to audit and "use" live websites and flows supplied via URL as the starting context (see "Live URL / flow audit mode" and the Response Protocol step 1), meaning it fetches and interprets untrusted third-party web content which can materially influence its actions.