competitive-intelligence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to perform web research and ingest public third‑party content (e.g., "Web research works great — product pages, pricing, blogs, release notes, reviews, job postings" and the Phase 2/3 search steps including G2/Capterra/news/changelogs), which the agent is expected to read and use to generate talk‑tracks and battlecard decisions, exposing it to untrusted user‑generated content that could contain indirect prompt injection.