content-gap-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and crawl public third‑party sites (e.g., fetching {domain}/sitemap.xml and competitor sitemaps and pages) and to ingest competitor data via third‑party APIs (Semrush), so it will read and interpret untrusted public web content.