business-competitor-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Flagged because the skill explicitly instructs the agent to fetch and scrape open/public web content (e.g., "Fetch the URL using web_fetch" and to "fetch competitor homepage/about/pricing" and consult public sources like Crunchbase, LinkedIn, Reddit/forums), so it will read and interpret untrusted, user-generated public web content as part of its workflow, enabling indirect prompt injection.