paw-mkt-analytics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (references/shared-patterns.md "Context C — Live Website URL Audit" and the Response Protocol step to "use the live page ... as the working source of truth") plus explicit agent-browser commands to open public sites (e.g., LinkedIn, Facebook Ads Library, Twitter/X) show it fetches and ingests public/untrusted web content that the agent is expected to read and use to drive audits, recommendations, and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's runtime instructions include installing and running agent-browser from the GitHub URL (npx skills add https://github.com/vercel-labs/agent-browser --skill agent-browser), which fetches and executes remote code used by the skill for browser-based research, so this external URL is a runtime dependency that can execute remote code.