paw-mkt-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Reference Lookup and Content Research workflows (see references/content-research.md and Starting Context Router in SKILL.md) explicitly instruct the agent to use agent-browser or WebFetch/WebSearch to open and scrape public web pages—including Google search results, competitor blogs, Reddit, Quora, and AnswerThePublic—so it ingests untrusted, user-generated third‑party content that the agent is expected to read and use to drive decisions and follow-up actions.