amazon-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly scrapes public Amazon pages (see search_amazon and get_product in amazon_skill.py and the SKILL.md notes) ingesting product pages, descriptions and user reviews from https://www.amazon.com which the agent reads and uses to drive searches, enrich lists, and build carts—exposing it to untrusted, user-generated content that could influence subsequent decisions.