competitor-data-verifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to use WebFetch/WebSearch to scrape and read open/public third-party sites (e.g., https://{competitor}.com/pricing, docs.{competitor}.com, and third-party review sites like G2) and then use those page contents and quotes to decide updates and generate recommended diffs for competitorData files, which clearly exposes the agent to untrusted web content that can influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime WebFetch/WebSearch calls to external pages (e.g., https://{competitor}.com/pricing and https://docs.{competitor}.com) whose fetched content is injected into the agent's report-generation prompts (quotes, diffs, and recommendations), so external content directly controls the agent's outputs.