product-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using WebSearch/WebFetch to fetch public third‑party content (e.g., competitor websites and App Store pages/reviews) — see competitive-analysis SKILL.md and WORKFLOW.md which require visiting and reading those open web pages — and that fetched, user-generated content is read and used to drive competitive insights, pricing, and product decisions, satisfying all conditions for exposure to untrusted third‑party content.