competitor-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs live web searches and page extractions (e.g., many nimble search calls in SKILL.md Steps 1–4 and nimble extract --url "..." in Step 5, plus the competitor-agent-prompt which includes social domains like X/LinkedIn and extraction instructions), therefore it ingests untrusted, user-generated third-party content and uses that content to determine event dates, corroboration, and downstream report actions.