competitive-ads-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to scrape and extract ads from public third‑party sources (e.g., "Scrapes ads from Facebook Ad Library, LinkedIn, etc." and the example "Accessing Facebook Ad Library..."), meaning it ingests untrusted, user‑generated web content and analyzes it as part of its workflow.