amazon-sales-estimator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and scrape public Amazon pages (Mode B: "Fetch product data using web_fetch on Amazon product page"; Mode C: "Search products using web_search for site:amazon.com") and then parse BSR/price/reviews to drive estimates and actions, which exposes it to untrusted, user-generated third-party content that can materially influence decisions.