product-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to use WebSearch/WebFetch to fetch public websites, App Store pages, and user-generated sources (e.g., App Store reviews, Reddit) — see competitive-analysis SKILL.md and WORKFLOW.md Phase 2 — which the agent reads and uses to produce recommendations (feature matrix, pricing, differentiation), so untrusted third‑party content can materially influence its actions.