playbook-geo-newsjacking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests untrusted public news content — it instructs setting up Google Alerts/IFTTT to surface headlines and URLs (Section 2) and requires pasting the breaking news headline and the first 2–3 paragraphs into the Master Prompt (Section 3), which the agent must read and act on to generate and distribute content.