local-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to fetch Google Maps Places data via endpoints like https://stableenrich.dev/api/google-maps/place-details/full which explicitly returns user-generated reviews and other third-party content that the agent is told to read and use when comparing and selecting businesses, so untrusted content can materially influence actions.