client-proposal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and audit a prospect's public website URL (see "Step 1: Automated Site Analysis" — Lighthouse scans, sitemap/page scans, screenshots, SEO scan), so untrusted third‑party site content is ingested and the findings directly drive proposal decisions and next actions.