customer-feedback-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow's first step explicitly requires aggregating and ingesting open/public user-generated sources—e.g., "app store reviews, social media mentions, G2/Capterra reviews"—and the agent is expected to read and interpret that content to extract themes and drive recommendations, which could enable indirect prompt injection.