launch-positioning-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 instructions and Tools Required explicitly instruct the agent to use web_search and fetch_webpage to scrape competitor home/pricing/about pages and to mine public review sites (e.g., G2/Capterra), meaning the agent will ingest untrusted, user-generated third‑party content that can influence its next actions and messaging decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly requires runtime use of web_search/fetch_webpage to fetch competitor pages (e.g., user-supplied competitor URLs such as site:[competitor-url] — competitor homepage/pricing/about pages), and those fetched pages are injected into the model context and used to drive the agent's positioning output, so external web content fetched at runtime directly controls agent behavior.