juma-geo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 3 "Analyze Citation Sources" and the Appendix tables for "Third-Party Pages Citing the Client") explicitly instructs cataloging and analyzing URLs cited by LLMs (e.g., Perplexity, Bing) and reviewing public third‑party pages (reviews, directories, publications), so the agent will ingest and act on untrusted public web content that could carry indirect prompt-injection vectors.