local-seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's required workflow explicitly instructs checking and ingesting public, user-generated content from Google Business Profile and other directories and review sources (see references/citations-uk.md and references/competitive-edge.md — e.g., "GBP Monitoring", "new reviews", direct review links and competitor backlink exports), which the agent would read and use to make deployment/blocking decisions, exposing it to untrusted third-party content that could carry indirect prompt-injection.