aeo-geo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required AI Visibility Audit and Entity Consistency workflows explicitly instruct the agent to query and capture outputs from public AI platforms (ChatGPT, Perplexity, Google AI Overviews, Gemini, Copilot) and to read/cross-reference third‑party public sites (Wikipedia/Wikidata, Crunchbase, LinkedIn and cited URLs), meaning the agent ingests untrusted, user‑generated/open web content that could carry adversarial instructions influencing subsequent actions.