growth-at-scale

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Browser Automation Workflows and Unified Social Posting/Ad integrations explicitly navigate and interact with public sites and social platforms (e.g., Substack, Product Hunt, Twitter/Reddit/Late/Buffer), so the agent will fetch and process untrusted user-generated content from the open web.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill includes specific integrations and commands that can alter spend and move money. It declares MCP servers for Google Ads and Meta Ads (explicit ad-platform tools), and provides CLI-style commands that create campaigns with a --budget flag (/ads create google --budget 50) and pause campaigns (/ads pause meta campaign-123) — i.e., APIs to update ad budgets/spend. It also exposes a referral payout command (/referral payout) and references payout/Stripe integrations (Rewardful, Stripe) for referral/affiliate flows. These are explicit, purpose-built financial actions (managing ad budgets and processing payouts), which meet the "Direct Financial Execution" criteria.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 10:33 AM