playbook-reputation-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and review open web content (e.g., "Search [business name] + [city] in an incognito browser window; screenshot page 1 results", check GBP Q&A, public reviews on Google/Facebook/TripAdvisor and specific news sites like Daily Monitor/New Vision/Nile Post) and to base audit scores, red-flag decisions, and response/suppression actions on that untrusted, user-generated third-party content.