Sales

Fail

Audited by Snyk on Mar 5, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). The prompt includes a mandatory "Voice Notification" that requires executing a curl POST and performing side-effectful actions immediately upon invocation, which is an out-of-scope, non-advertised instruction unrelated to the Sales skill's stated content-generation purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and processes a "URL to product page" as required input (see Workflows/CreateNarrative.md Step 1 and CreateSalesPackage Step 1), so the agent will fetch and interpret public third‑party web content that can materially influence downstream narrative, visual prompts, and tool invocations, enabling indirect prompt injection.

Audit Metadata

Risk Level: CRITICAL

Analyzed: Mar 5, 2026, 07:39 AM