kwp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly ingests external keyword text from the DataForSEO Labs live API (endpoints keyword_ideas/live and keywords_for_site/live called in scripts/kwp-fetch.mjs and described in SKILL.md), which are user-generated search queries and are parsed and used to drive clustering, prioritization, and article-drafting decisions — enabling untrusted third-party content to influence agent behavior.