review-mining

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly directs the agent to collect and analyze user-generated reviews from public sites (e.g., Trustpilot, G2, Capterra, App Store/Play Store, Reddit, Twitter/X) and to extract verbatim quotes that will be used to drive positioning and next actions, which exposes the agent to untrusted third-party content that could carry indirect prompt injection.