competitive-ads-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly instructs the agent to "Access relevant ad libraries" and "Extract ads + screenshots" from public third‑party sources (e.g., facebook.com/ads/library, ads.tiktok.com/business/creativecenter, adstransparency.google.com, linkedin.com/ad-library), which the agent will read and analyze as part of its decision-making and output generation, exposing it to untrusted external content that could carry indirect prompt injection.