seo-team-the-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests open web content (Google SERPs, AI Overviews, competitor ranked keywords and domain intersections) via seocli/dataforseo-labs calls (e.g., the seocli serp google organic live and dataforseo-labs ranked-keywords/domain-intersection commands in SKILL.md and reference files) and then uses that untrusted third-party content to determine intent, cluster membership, zero-click adjustments, and prioritization decisions (e.g., "The SERP always wins", SERP similarity clustering, and zero-click risk → opportunity score), so external content directly influences agent actions.