paw-ps-audience

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reference instructions (see references/language-capture.md Step 1 and references/persona-construction.md Step 2) explicitly require gathering and interpreting untrusted, user-generated content from public sources—e.g., reviews (Amazon, G2, Capterra, App Store), forums/Reddit, and social media—which the agent is expected to read and use to drive persona/language/value decisions, creating risk of indirect prompt injection.