dissect-brand

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (Step 2 in SKILL.md) explicitly instructs the agent to "Visit the company's website" and "Use WebFetch to load each page" and extract images/meta from arbitrary public company pages (og:image, img src, CSS), meaning it fetches and ingests untrusted third‑party web content which the agent must read and use to drive analysis and decisions.