pseo-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly calls WebSearch/WebFetch to retrieve and analyze arbitrary public websites and SERP results (e.g., scripts/competitor_analyzer.py: "Use WebFetch to retrieve the competitor page" and keyword_analyzer.py: "Uses WebSearch to gather real-time SERP data"), so the agent ingests untrusted third‑party web content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Competitor Analyzer usage explicitly instructs the agent at runtime to "WebFetch: [competitor_url]" and to extract and feed the competitor page HTML/JSON-LD into the analysis (i.e., inject external page content into the agent context), so external URLs provided at runtime can directly control prompts — flagged: WebFetch: [competitor_url].