paw-mkt-product-context

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to fetch and audit live public URLs and run browser-based research (references/check-existing.md: "Live URL or public presence — Use public site and messaging as inputs" and references/shared-patterns.md's "agent-browser" setup), and the document template even cites public review sites and social media (references/document-template.md §9 lists G2, Reddit, Twitter), so the agent will read and act on untrusted, user-generated third‑party content as part of its decision-making.