ecommerce-content-marketing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to run web_search and web_fetch on public, user-generated sources (e.g., Amazon reviews, Reddit, Trustpilot, YouTube/TikTok comments and competitor social profiles) and to extract and act on those reviews/comments to build strategy, so untrusted third‑party content is read and can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly performs runtime web_fetch/web_search of external pages (e.g., product pages on https://www.amazon.com and social profiles like https://www.instagram.com/brooklyncandlestudio/) and injects extracted reviews/profile content into the "Customer Voice Bank" and analysis steps, meaning fetched external content directly controls the agent's prompts/outputs.